How To Thwart the High Priests In IT 417
GMGruman writes "You know the type: They want to control and restrict any technology in your office, maybe for job security, maybe as a power trip. As the 'consumerization of IT' phenomenon grows, such IT people are increasingly clashing with users, who bring in their own smartphones, use cloud apps, and work at home on their own equipment. These 'enemies' in IT are easy to identify, but there are subtler enemies within IT that also aim to prevent users from being self-sufficient in their technology use. That's bad for both users and IT, as it gets in the way of useful work for everyone. Here's what to look for in such hidden IT 'enemies,' and how to thwart their efforts to contain you."
Someone wasn't allowed to bring his toys to work.. (Score:4, Funny)
Re:Wow, what a stupid post (Score:5, Funny)
When you call it "my corporate network", you have defined yourself as the exact IT staff users complain about. It's not your network, unlesss you own the corporation itself. It is the company's network.
I think you drew the wrong conclusion from the GP's phrasing. Having been an IT Director for several companies, I commonly referred to any equipment or applications that I was responsible for as "mine." It doesn't mean I own it. It means it's my job to make sure it's up, available, reliable, and secure at all times.
Sure you keep things up and running, but you're not making the products, or out there selling them. Therefore, you're job is wholly dependent on your ability to let the breadwinners of the company do what they do best. If they find they feel more comfortable on an iPad, your job isn't to defend "your" network from an unsanctioned device. Your job is to make sure the device works, so that the employee who is generating the dollars that pay your salary and benefits can continue to do so.
You're both right and wrong here. My job *is* to make sure the breadwinners can do what they do best. Now, please tell me how they can do that when the whole network's been taken down because Mr. Breadwinner brought in his shiny new doo-dad -- which got infected at home before it ever hit the corporate network -- and allowed an outside party to get in and screw everything up. Tell me how customers will keep using our company's services after all their personal data was stolen and sold on the black market after a compromised device was used to hack a server. Tell me how long our company will be in business after Mr. Disgruntled Employee wandered out the door on his last day with our complete client list, pricing data, project plans, etc. all ready to be turned over to the competitor he's leaving us for.
It happens a lot more often than you think. Most intrusions these days are the result of compromised *internal* systems reaching out to external entities for command & control rather than nefarious outside hackers trying to ram their way through the corporate firewalls, DMZ's, and so forth. The *least* secure place on almost any network is the "inside network" where all the PC's, laptops, and shiny new doo-dads Mr. Breadwinner brought in lives. The absolute dumbest thing any IT group can do is give carte blanche to folks who want to bring in any whiz-bang device they just happened to pick up at Best Buy last night.
My job is to make sure *everyone* can do their job, not just the people in direct client-facing roles. Remember, even though *you* may bring the money in the door, Payroll pays *your* paycheck and benefits the same as it pays mine. If they're down, none of us gets paid...including you, Mr. Breadwinner.
Because if the CEO comes in with a new device, I don't know about you, but I've never known it was an option to tell him "no, you have to go return that" if it was at all possible it would e made to work. And if their iPad or android tablet can work for them, it should be a no brainer that any other employee in the enterprise that requires remote email access should be able to use the same.
Any reasonably-structured IT organization has a published policy or set of policies governing approved devices. These policies are enforced regardless of employee rank or position. If the CEO wants to violate IT policy, the CIO should vigorously object. Should the CEO insist, he may get his way, but the policy violation will be documented and the CEO will be held responsible for any fallout. This is enough to desist all but the most idiotic CEO's. There are regulations governing pretty much every major industry, regulations requiring something like a security policy with company-wide compliance. Violating this is a good way to get your business shut down, even if the violation never results in any breach (i.e. it's only discovered in an audit).
The real answer h
Re:SOX Compliance (Score:5, Funny)
Shit, I can't even install and use iTunes
You can't really blame them for blocking malware...