South Park’s infamous Underpants Gnomes might have been on to something: In The Checklist Manifesto: How to Get Things Right, Dr. Atul Gawande shows how even very smart professionals can trip up on the details of their complex procedures, but that the presence of a clear, step-by-step guide can dramatically improve success rates:
Ok, so the Gnomes were missing step two, but the question was recently raised on a security mailing list about whether the same methodology could be applied to information security practices. The response was positive but Benjamin Tomhave noted some caveats in his e-mailed response:
Of course, the flip side is that checklists in an area like IT can be detrimental, too. PCI is a great example, where it never made a claim of being comprehensive, yet is treated as such (and codified in State laws for crying out loud), and then orgs still get hacked, leaving them to wonder why the checklist didn’t protect them.
Perhaps the key, then, is knowing that you need experience+procedures. Procedures allow you to not screw up the mundane and routine, while experience allows you to dynamically respond to issues that don’t fit the precise steps of the procedure. Part and parcel to this, then, is needing to empower experienced professionals to be flexible and dynamic in the vast of challenges rather than requiring them to rigidly adhere to procedure in all instances.
Have you found checklists a helpful addition to an IT workflow? I’d love to hear your stories (or better yet, see your checklists!) at Michael@ITKnowledgeExchange.com. I’ve heard a lot of justified grumbling over the years about PCI security-by-checklist, but I’d love to hear some success stories, too.
There might even be from free swag in it for any good responses!
The key to controlling this risk is to make our internal systems attractive, functional and easy to use. Then we avoid the temptation for power users to use twitter etc for their business purposes.
Maybe we need to trust our internal customers to set up wikis, provide internal chat services etc. and re-think all the prohibitions on the Acceptable use policy.
We can spend a fortune on locking down every USB port in the company, but perhaps that money is better spent on making sure the file sharing server has enough grunt to do its job properly.
Craig from Ontario saw the same problems, citing “horror stories of the ‘helpless’ desk that is unable to solve day-to-day problems which cripple users and slow or even prevent them from accessing applications they need to use.” On the other hand, Craig wrote, more and more users entering the workforce lack technical sophistication but are supposed to jump heads first into systems IT has implemented. Without at least some hand holding and guidance, business will likely grind to a halt or users will find shortcuts that could come back to bite them, like using more familiar spreadsheet software that doesn’t implement proper auditing and checks.
Where do you stand? Feel free to write in to me at Michael@ITKnowledgeExchange.com.
Why should you care about aligning your IT department with business goals?
Are you tired of projects stretching on for months, only to be scuttled for “business reasons”? Looking to boost your job security and get a few more feathers-in-the-cap? Then you’ve come to the right place: The IT Watch Blog is dedicated to pulling together the very best resources for helping you align your IT department with key business priorities.
Frequently Asked Questions about IT business alignment:
- Who are project managers reporting up to?
- Organizational alignment for BASIS
- What is the business value of doing custom inhouse application development?
- What is required for organization to start focusing on business Agility instead of Agile being always IT team focused?
Or check out even more IT business alignment questions answered by our expert community.
For a deeper dive, take a look at some of these excellent blogs and blog posts about aligning business and IT we’ve pulled together from across the Internet.
Blogs and blog posts on IT Business alignment:
- Dilbert on IT / business alignment by Michael Krigsman
- How to get that coffee back: Align to business priorities on the IT Watch Blog
- On IT-business alignment and related things by MWD Advisors
- IT and business alignment: Wrong choice of words? at TotalCIO.
Want to connect directly with experts? Why not try Twitter: We’ve compiled some of the top experts in the area, so follow them or Tweet them directly and they might offer some individualized advice!
Top IT Business alignment Twitter accounts:
What else would make this guide useful to you? Let me know in the comments or e-mail me directly at Michael@ITKnowledgeExchange.com with any additions, corrections or suggestions.
IT Channel Insider put together a good news/bad news 2010 trends slideshow. The good news: Hiring is likely to resume. The bad news: 37% of employers plan on continuing to cut perks like 401k matching, bonuses and free coffee.
What can you do to stop the slide? Prove that your IT department personnel are business critical and worth keeping around. In most companies, IT ends up being a cost center:
A cost center is part of an organization that does not produce direct profit and adds to the cost of running a company. Examples of cost centers include research and development departments, marketing departments, help desks and customer service/contact centers.
Although not always demonstrably profitable, a cost center typically adds to revenue indirectly or fulfills some other corporate mandate. Money spent on research and development, for example, may yield innovations that will be profitable in the future. Investments in public relations and customer service may result in more customers and increased customer loyalty.
Part of the reason is that oftentimes overall business objectives and IT priorities become unaligned, or aren’t aligned to begin with. Keep an eye on the IT Watch Blog over the next few weeks and we’ll explore how to get things back in sync.
Otherwise, if you want those perks back, you might need to follow John C. Reilly’s lead and learn your way around the casino.
[kml_flashembed movie="http://www.youtube.com/v/LgEApN9ap0A" width="425" height="350" wmode="transparent" /]
It’s a bird, it’s a plane … it’s the power user, already at a cubicle near you and posing all manners of threats and opportunities. By day, she’s a mild-mannered employee at a large metropolitan company. But she’s capable of skirting around IT rules and restrictions to do things the way she wants, often cutting out busy work but opening up new vulnerabilities.
The old example? Forgoing the sluggish fileshare in favor of thumbdrives that cut the process of sharing files across the office down to minutes, or let her take her work home at night. But what if that thumbdrive contained 7,000 social security numbers, and was lost?
The new example: The employees who routes all their corporate communications through their GMail account, their iPhone, and their Twitter.
And “hacking work” is now pitched not as the sole province of the uber-geeky but as a necessity to staying ahead in a tough tech-based economy. Steve Rubel issues a call-to-DIY IT arms, which ends with the somewhat inspiring, somewhat frightening appeal (emphasis mine):
Those who embrace using new technologies and tools will not only survive, but thrive. No one will teach you necessarily how to do this on your own. Each information worker needs to take matters into their own hands.
As the year winds down, my inbox inevitably fills with pitches from PR firms, analysts and vendors for their 2010 predictions: Social networking security threats, wireless data congestion and true total network convergence (again). And that doesn’t even touch on the more fanboy-ish dream predictions of Apple tablets, Google netbooks and Microsoft … hmm.
It feels a little bit like self gratification, to be honest, particularly since once those predictions are postulated, they tend to disappear as quickly into the ether as those New Year’s resolution to drop 10 pounds and save a bit more. And when we do look back, it’s not always pretty. Foreign Policy took a look at the ten worst 2009 predictions, from economic misdiagnosis to swine flu hysteria. And if you think those are bad, the tech press can be much, much worse (see: Aforementioned Apple Tablet. Heck, see: Anything Apple).
But budgets must be made and strategies planned, so as long as we take these predictions with a grain of salt, maybe they’re not all bad if they keep us ready for what’s just around the bend and thinking beyond the daily fire fights we face.
Here’s some predictions from across the ITKE blogs, and feel free to send me what you see as the big trends for 2010 at Michael@ITKnowledgeExchange.com.
2010 IT Predictions:
- 2010: The Year of Windows 7 Malware by Tony Bradley
- Ready or not, here comes 2010! by Ed Tittel
- The Economist Sees IT Up in 2010 by Ed Tittel
- The Windows Report — Looking ahead to 2010 by Brendan Cournoyer
- Some IT predictions from IDC by Mark Fontecchio
- Gaze into the 2010 telecom industry predictions by Dan Levine
- IDC: IBM will buy Juniper in 2010 by Shamus McGillicuddy
Wired Magazine has put together a comprehensive look into what went wrong with Duke Nukem Forever’s development, detailing how what should have been a home run became one of the most infamous cases of vaporware ever through a series of mismanagement steps and missed deadlines.
The primary culprits?
- A generous budget
- An unclear destination
- Endless pursuit of the latest bright shiny objects
- An understaffed team
Have you seen these factors de-rail any IT projects? I’d love to hear in the comments, or privately at Michael@ITKnowledgeExchange.com. Hopefully the Duke’s sad demise can save others the same fate.
The Spiceworks team has been hard at work on some presents for system administrators in medium-sized businesses hoping to get better control of their network: The free network monitoring package doubled the size of networks it officially supports from 500 endpoints to a 1,000.
As an added bonus, in the spirit of universal good will towards man, the tool now supports user-generated language packs that span the globe.
This isn’t the first time 500+ endpoint companies can use Spiceworks: The tool didn’t have a hard-limit set in. But Jay Hallberg, a co-founder and VP of marketing, said that the company decided to roll out support for some of the most-wanted features by their larger user bases.
“We looked around our userbase and found a lot of people with over 500 devices and 500 employees using Spiceworks quite successfully, and they asked for features that were more important for networks their size, so we added those,” he said.
Those feature sets primarily focused around improved:
- Network monitoring and inventory support
- More sophisticated features for helpdesk employees
- More real-time monitoring
When you’re a BlackBerry user, you make a deal: You get speedy e-mail, good battery life and, every once in a while, your service just won’t work*. It happened again today, but as CEO Mike Lazaridis once explained, RIM has had 99.85% uptime. That’s just a bit over an hour a month if you average it out (check uptime calculations yourself).
Once we cut out definitions that have to do with literary or heroic qualities, we’re left with the following definition of “epic”:
Surpassing the usual or ordinary, particularly in scope or size:
RIM’s BlackBerry outage today was certainly large, certainly obnoxious in both scope and duration, but, as far as RIM outages go, it wasn’t surpassing the usual. If only it was an “epic” fail, than maybe BlackBerry users wouldn’t have to take these outages as part of their deal to get fast e-mail.
*Some corporate customers are exempt, as their mail is routed over BlackBerry Enterprise Server.
Intel discovered you can have too much of a good thing when the FTC came a knocking, suing the chip giant for “a systematic campaign to shut out rivals’ competing microchips by cutting off their access to the marketplace.” You can read the FTC’s statement regarding the suit against Intel yourself, but it isn’t pretty:
According to the FTC complaint, Intel’s anticompetitive tactics were designed to put the brakes on superior competitive products that threatened its monopoly in the CPU microchip market. Over the last decade, this strategy has succeeded in maintaining the Intel monopoly at the expense of consumers, who have been denied access to potentially superior, non-Intel CPU chips and lower prices, the complaint states.
The FTC goes on to state that advances by AMD and other competitors in GPUs are now threatened by similar shenanigans, and it will not stand.
While the news hasn’t knocked Intel’s stock completely off the charts, it’s certainly given a boost to competitors like AMD over the past few days:
And other competitors, like Nvidia, aren’t above celebrating either, as All Things Digital’s John Paczkowski reports, quoting a memo from Nvidia’s CEO Hsun Huang:
The U.S. government announced today that it has filed an antitrust lawsuit against Intel. This is an action the industry needs and one that consumers deserve. And it’s one that can completely transform the computer industry.
The facts are clear. The FTC has charged that Intel has used its monopoly illegally to stifle innovation, to keep prices for their products inflated, and to unfairly block competitors. The FTC believes that millions of consumers have paid more and received less quality in return–and that companies and their employees have been forced out of markets where Intel has been threatened.
Before Huang & Co. put their party hats on, however, a little perspective might be warranted: While this case has been fast tracked already, it won’t be heard by the FCC until September 15, 2010, giving Intel’s legal eagles plenty of time to prepare. And they already have plenty of experience, as ITKnowledgeExchange contributor Tony Bradley notes in his timeline of Intel’s legal imbroglios: Intel has tangled with AMD, the FTC and even the country of Korea for its business practices.
What do you think? Is hte latest case merely a bump in the road to Intel’s continued dominance, or will this suit, coupled with the rising importance of GPUs, signal a fundamental changing of the gard?