A properly maintained Five-Year Plan means that your One-Year Plan is being worked on and readied not only in a “near-term” advance; you’ve been working on it to one degree or another for five years! That’s powerful. Again, this plan drops into place from the front of your Five-Year Plan. It outlines all of your major objectives for the year with just enough detail so as to present an efficient, informative overview of each objective. Items on the One-Year Plan are broken out and assigned to individuals and, as necessary, groups, to manage as projects for the larger endeavors and as tasks for the smaller initiatives. Hence each item on the One-Year Plan is on at least one person’s Individual Action Plan; some items on the One-Year Plan will be on several individuals’ action plans, since they will require a team, or project, effort. Group initiatives will show on the Individual Action Plans as a specified role and set of responsibilities for that individual.
Each IT staff member’s Individual Action Plan is a roll down from the department’s One-Year Plan. Each item on the One-Year Plan is on various Individual Action Plans, with expanded detail and specific expectations. Here are the actual projects, tasks, duties, and ownerships – indeed this plan is one of the most effective levers for getting things done. Sure, you’ve got goals listed in each of your employee’s appraisals, and you may have a professional development document somewhere – these are generally filed away until a mandated annual review. But the Individual Action Plan is drafted and maintained by the individual IT staff member, and approved by the manager. It has projected dates for completion of items. It is reviewed quarterly at a minimum, and on an ad hoc basis as necessary. Items are marked as completed or pending as appropriate.
If an item is not to be undertaken – for example if something cannot be funded as anticipated – it is removed. Initiatives that were not originally planned, but which have been added to the year’s objectives, are assigned and added to an appropriate person’s action plan as necessary. A well maintained Individual Action Plan is a ready reference come review time, and makes the preparation of each employee’s appraisal much easier – it also makes for great supporting documentation.
A current year’s Individual Action Plan can also include items from any year of the Five-Year Plan. For example, a somewhat distant future initiative may need researching now. However, the Individual Action Plan is primarily a “get it done” document for achieving the near-term objectives of the coming year.
The “Who” of Getting Us There: Further, as we consider the importance of ‘where we are,’ ‘where we’re going,’ and ‘how we’re getting there,’ consider the ‘who’ of getting there. Who exactly is doing what? Within the organization, the Individual Action Plan is the ultimate setting, documenting, and control as to who is doing what.
Toward the middle and end of each year, a major focus shifts to year-one of the Five-Year Plan. It is now the upcoming One-Year Plan, and it should be on the agenda in the BIT meetings. It should be raised in budget meetings, all-staff meetings, and IT staff meetings: anywhere futures discussion and planning is happening. The IT leader must be sure to do a final survey of Business regarding all of their needs, real and imagined, and the various Business teams must vet and justify each. It is also very important for Business to make their own effort: to make needs known to IT on a timely basis, particularly as regards changing needs that evolve between formalized meetings or understandings. The fourth quarter of the year is a good time for IT’s sponsor(s) to attend a BIT meeting or two. Getting everything on the table and identified as a “need,” “want,” and “wish-list” type of item is very important.
Once the year starts, remember that the current One-Year Plan is a living document. As the BIT team meets, and issues are raised or fine-tuned, relevant items add to the plan and get tracked. Some items may drop. There should be very few “surprises” in a properly maintained plan environment. IT works within its supervision to make sure the BIT-developed and other work is on track with the organization’s goals and expectations.
As a One-Year Plan approaches actualization, specific items take shape as separate, defined, and detailed plans in support of managed projects. As the bulk of the work is viewed from a requirements standpoint and a budget perspective, and as work is discussed and balanced in terms of load to departments and individuals, it starts to become apparent what can be supported – and perhaps what cannot.
In other words, the overarching One-Year Plan becomes fairly steadfast, and becomes a catalog of sanctioned projects and initiatives – pointing to detailed plans that are under development or ready for execution. As importantly, any delayed or disapproved work will be known to all participants – expectations and requirements are now being satisfied according to the organization’s authority and sanction, with everyone’s full knowledge.
Any specific IT plan should have a match to a business plan or objective in the organization. The Five-Year, One-Year, and Individual Action Plans must support sanctioned business initiatives. IT’s plans help to establish where you are, where you’re going, and the route for how you’re getting there.
As importantly, direct responsibility is assigned through the plans; the specific “who” of getting you there.
Remember to leverage BIT and its agenda in support of managed change according to plan.
October 31st: It’s Halloween. :^ )]]>
IT’s general support to the Business-Technology Weave can be effectively planned and managed through three major plan types. These are the high-level, across-the-board support plans – which acknowledge and mark the upcoming projects.
We’ll refer to these IT-Business support plans as the Five-Year Plan, the One-Year Plan, and the Individual Action Plan. You may wish to label these plans differently in your organization; you may need to look further into the future with a ten-year plan – or more. But here we’ll use these generic names for ease. Let’s take a brief look at each plan type, how it relates to the other plan types, and how together they help maintain your directed change, and adjustment to outside, impacting, change.
The Five-Year Plan begins with the upcoming (next) calendar year, and extends through each of the upcoming five years. The upcoming first year becomes the organization’s detailed One-Year Plan, upon the turn of that new year. Therefore, the first year of the Five-Year Plan should contain everything you intend to do in the upcoming year. Since the One-Year Plan is the near-term focus for what needs doing, it should be as detailed as necessary – it is executable in that it has been vetted and sanctioned, is budgeted, has been announced, and all preparatory steps have been taken for each element of the plan. It matches the organization’s business expectations, needs, and overall business plan for the year. Also, the One-Year Plan spawns all of the detailed project plans and individual action plans as necessary for the organization’s various managed projects and changes. The organization’s overall project management benefits from the coordinated tracking on the Five and One-Year plans; supports, dependencies and competition for resources can be adjusted in maintaining optimal results.
The Plan’s Progression: Years Two, Three, Four and Five are progressively less detailed, respectively, as you consider periods of time that are further out from “now.” Looking out to Year Five, we can see that in a year’s time, its detail and plan moves into the Year Four slot; the former Year Four is now Year Three, and so on. At each turn-of-year, a new Year Five is added to the back of the plan. As each year of the Five-Year Plan marches toward you, it is massaged into better focus; adjusted according to changing business priorities or objectives; availability of resources; advancing technology; changing environment; and new methods and practices. There is an ongoing maintenance for the organization’s alignment of business and technology. Eventually, our original Year Five clicks forward, having evolved and focused according to needs, until it moves into position as the One-Year Plan. In this manner, we find that a properly maintained Five-Year Plan can efficiently generate a comprehensive, executable, sanctioned, and aligned One Year Plan. This means that an organization’s staff is fully informed and qualified to tackle the forthcoming changes, and changes align with business needs in fulfilling expectations accurately, comprehensively, and efficiently.
At any given time, we can expect that Year-Two doesn’t have quite the focus or detail as Year-One – however, most major initiatives are known and a fair amount of detail is present. The more distant years will have large bullet items without a lot of detail, because technology and business factors change, sometimes radically, over a period of years. Your Years-Four and Five may even contain rather whimsical “wish-list” type of items, just to keep them on the radar. Your organization may have potential mergers or acquisitions under consideration, which will require different technology and business practices – these considerations can call for placeholders on the plan, ensuring some exploratory discussion and gathering of pertinent information. These efforts establish and define a ‘where we are,’ also project a ‘where we’re going,’ and ensure the start of a bona-fide, progressive, route for future actualization.
At the same time, the Five-Year Plan cannot simply be a receptacle for every crazy brainstorm or trendy practice that comes along. It must represent a managed plan that adheres to the true needs of the organization, as best as you can determine them at any given time.
The Five-Year Plan (or any long range plan) also does something else that’s very important: it should not only expose dependencies, but should also show vulnerabilities and strengths. For example, if your plan is to implement a new content management system in the course of the next few years, you may need to consider an upgrade to your hardware platform and infrastructure. Your plan may have to accommodate new fileservers and workstations, for example. You’ll have a significant training and support burden. Once that decision is made, it may be evident that another project that was waiting for these upgrades can now move forward. The preparation and timing for implementation of many things will coordinate nicely through the plan.
Remember: As the first year of the Five-Year Plan becomes the current year, that part becomes the new year’s One-Year Plan. The Five-Year Plan adds a year at the end of its range, is populated as necessary over the course of time, and all years are updated and tuned accordingly. A properly maintained Five-Year Plan not only means that you know where you are, and where you’re going, but also means that you’ll always have your One-Year Plan ready at the beginning of each year. In fact, you’ll have one-year plans under development for each of the next five years. That is managing change as a continuum. Also keep in mind that you can project further if you feel you need to. Just remember to match your time and effort to the likelihood that a particular plan objective will actually be undertaken.
Coming: The One Year Plan, and the Individual Action Plan.
October 31st:On this day in 1956 Brooklyn, NY ended streetcar service.]]>
I was speaking about plans and projects with someone the other day. As far as challenges go – next to people – change and the associated planning is the most difficult element of The Weave.
Change is a continuum. For the organization, something is continuously changing that affects it: Change is happening within, and it is happening in the surrounding environment. All change must be weighed and assessed for impact, and there must be a ready posture for doing this. Too many organizations think of change as something mounted in a burst; “now we can rest.” This is why so many organizations seem to take action at the back edge of the envelope: change for them is constituted as an addressal of problems under pressure-filled and even desperate circumstances.
When change is mounted under pressure, there is usually a failure to fully survey where you are. It may seem obvious, but in planning a destination (that is, a project’s destination), with appropriate directions, you must know your point of origin: the organization’s true station and status. You must survey business process, your technical enablements, and your people. If you don’t know where you are, the route to destination is a broken one – reaching the destination is painful, inefficient, and sometimes not even achieved.
The smart organization doesn’t disengage from change – nothing around the org stands still if it does. Therefore, the management of change isn’t just some reaction to what is happening internally, or some engagement that is “forced” by outside change. You must present a position of readiness, so that you have the “muscle” in place to exercise change. You must be able to forecast, develop, and schedule. This requirement for readiness presents itself to the individual, to groups, and to the organization in equal measure, as we’ll see.
Today, we need to realize and acknowledge that even change changes. How does change change? Consider: While we’re busy implementing a documented, sanctioned change, some of our assumptions, support products, fiscal supports, regulatory requirements, business practices, etc., haven’t done us the courtesy of standing still. Further, various projects and their change can compete for common resources; they can shift in schedule and crash into one another; they can have interlocking dependencies and impacts that must be carefully coordinated. Any time you make a course correction, an accommodation, an expansion in scope, etc., you are making a change to change.
Circumstances such as these, and the quality of planning in your organization, yields one of two things:
1) A house of cards, or
2) A solid structure of mutually reinforcing initiatives and projects.
Because things are shifting and evolving around us all the time, we need plans that have enough structure to guide us effectively, but that are not so rigid as to “straightjacket” us. We don’t want to be implementing so-so or broken solutions today that looked great yesterday. We don’t want the organization to be thrashing as it attempts to mount major changes without regard to prudent sequence, or that are even in direct competition with each other.
High Level Plans in Support to Detailed Plans
From a high level view, we need to plan support to the Business-Technology Weave. High-level plans should identify, guide, assist, and facilitate that which you wish to accomplish. They provide the general documentation and a calendar position for a collective of projects and initiatives, the sum total of which represent the organization’s forward thrust, and each of which have their own detailed, operational plans as separate documentation.
Aligning an organization’s detailed plans, projects, and initiatives is similar to tuning a car: you want all of your cylinders firing in proper sequence and timing. When properly tuned, your car not only has maximum power in ‘getting to where you’re going,’ it is making the best possible use of resources (in the form of highest gas mileage, and with minimal wear to the engine). Your organization’s individual operational plans are like cylinders – each contributing to the organization’s forward movement relative to time and circumstances. You must ensure that each of these plans “fires” in proper sequence, so as to assist the next plan – or at the very least not impinge upon its “firing.” You must get the collective of projects and initiatives making a concerted best-use of resources.
At the same time, any higher-level plan must have some flexibility in order to make allowance for an adjustment in schedule or direction. Yet, they can’t be so ill defined as to provide no structure at all. And, we have to preserve order: an order in change, and the order of the organization. How do we effectively manage this trick?
If you’ve followed The Weave over time, you know that we’ve discussed the importance of communication between Business and IT. And we know that it’s wise today for Business to make known its planning and direction for early participation and contribution by the organization’s technical investment. Certainly Business must facilitate IT’s understanding of required support to business initiatives, evolving technology needs, and changing environmental factors (such as security, expansion, new regulatory requirement, etc.). But realize that whether this happens effectively or not, IT still exists for, and at the pleasure of, Business. The onus is on IT to support, align with, and enhance Business’ plans for business. IT must dig where and as necessary.
There is plenty of chance to do that, so recognize your opportunities: There will be the obvious occasion for plans’ creation and adjustment within specific, formal, plan meetings – but also formally and informally in the course of budget meetings, staff meetings, board meetings, etc. The exercise of snapping them into focus happens largely in the BIT forum (The Business Implementation Team), and in specific IT plan meetings: but anywhere that there’s a discussion of futures planning contributes to the overall opportunity to assess change, and to effect the “gel” of a plan.
Further, in a changing world, there is the onus on IT to “hear” and garner everything, as a weigh on a scale of possible change requirements.
Coming: Part II – Three Plan Types.
NP: Bessie Smith, on original 78rpm.]]>
Wow. I was reading an article in InformationWeek magazine: The Top 10 Security Challenges for 2010. I guess I’m slowing down: The article is from January 2nd. Ahem, however -
There’s a great, great, line in the article – I wish I’d written it, but I’m happy to source it: Speed may be Google’s most cherished goal, but it also increases the velocity of risk.
The “velocity of risk”! That is an incredible concept: Velocity’s definition comprises speed paired with direction. In other words, 35mph is an indication of speed. 35mph due North is velocity.
But, what is Velocity of Risk in an IT/business sense?
Well – risk now arises quickly, and comes from many directions: The cloud (internet apps and services), social networking sites such as facebook and MySpace (just recently suffering its own breach), business sites such as LinkedIn, real-time enablements like Twitter and chat agents… and on and on and on…. you get the idea.
So, we can see that risks stream toward us from many directions (sources), and risk speeds toward us (opens quickly) – in both the unmanaged (or poorly managed) environment; but also too often in the best, most carefully managed, environments. Unmanaged risk opens, and will ultimately deliver, incidents of directed harm in the form of malware, hacks, etc., and incidents of inadvertent harm (lack of centralized data/nightly backups, as one example).
A tenet from The Weave that we’ve hammered many times: In the realm of risk, unmanaged possibilities become probabilities. And quite naturally, an ongoing situation of probability will deliver in the course of time - it’s a guarantee: data breach, identity theft, corrupted data, applications crash… followed by costly recoveries… or – loss of business reputation and customer-faith.
When IT and Business converse across the table, be sure to discuss risk management, associated costs, and delivery of protections (ROI) in a specific context.
That context is Velocity of Risk.
NP: Rolling Stones: Metamorphisis. The opening track - the alternate take of “Out of Time” - is worth the price of admission. On vinyl. Next week, some NPs involving hardcore Blues on original 78 rpm.]]>
Oh oh – here we go again. A Wall Street Journal investigation has found that the social networking site MySpace, in conjunction with popular applications on the site, has been sending crucial data to advertising companies. This data can be used to identify users – and I’d call this a breach of identity.
This report comes amid news that many employers are blocking access to sites such as MySpace, facebook, and even AOL. This comes at a time when social networking is becoming, or has already become, as ubiquitous as e-mail. Many work folks stay abreast of family and friend occurrences and commitments through these means, just as they do through e-mail.
Companies need to revisit Acceptable Use and Security Policies again. If you’re not covering and directing what people can do with organizational resources, to include social networking, you need to address that at once.
For some companies, facebook and MySpace, et al, represent opportunity for marketing and expansion of client bases, exposition of products, and sales. The authorized uses of social networking are obvious and can be easily documented in an Acceptable Use Policy. If your company is utilizing social networking in expanding business, you merely follow many of the same dictates for appropriate use of e-mail, for appropriate communications, etc.
However, in any Acceptable Use Policy’s three main sections (Required Activities; Forbidden Activities; and Limited Personal Use Activities), it is the “Limited Personal Use…” section that is trickiest. Here is where the organization attempts to be a “decent chap,” in making allowance for some of the mental snack time we all need; some idle web surfing, personal e-mailing, social networking perusal and update…
In other words, it’s tolerated, so long as
1) You don’t publish proprietary information
2) Shared resources aren’t tied up,
3) Inflammatory or illegal material isn’t published
4) Personal activity isn’t conducted under the impression that you’re operating in your official capacity
5) You don’t open security holes for breach
And so on and so forth.
MySpace is still around?? Be careful out there. :^ ) Also, you may wish to visit Social Networking and the Blended Environment.
NP: Band of Gypsys (Hendrix, Cox, Miles) on original vinyl. Naturally. (And yeah, it is “Gypsys” – but you knew that).
(Please see Parts I and II, below)
Well, as you may remember, I wrote a letter to Starbucks. After all, they want to hear my concerns (according to the website, “…We’re here to listen”).
However, 2+ weeks after the letter – nothin’. No call, no e-mail, no letter.
So, I asked “Helen,” the original barista to whom I had made the complaint.
“Hey Helen, were you guys informed that I had written a letter to Starbucks Corporate Headquarters?”
Helen (coyly): Mayyyybeeeee….”.
In the course of our short conversation, Helen informed me that “we’re discontinuing the practice” of counting money on the food-counter, in view of customers.
But, within 3 days, a barista was counting a huge pile of money on the same counter. When I asked about it, the store manager, Jackie, informed me that tips would not be counted there any longer, but money at the end of shift changes would be.
When I asked if there wasn’t an office in the back, Jackie told me there was a desk. Well, this would seem to be the natural place to do some accounting of money. But no – apparently, it is corporate policy that money is counted out in the customer area. Seems rather tactless, but what do I know?
Well, I know that large sums of money, over time, can inspire temptation and ultimately theft. It might be beneficial to keep a tenet from The Weave firmly in mind:
In the realm of risk, unmanaged possibilities become probabilities.
I spoke to the owner of several Tim Horton’s coffee shops. He was incredulous: He said that the only time customers saw money was when TH made change in selling coffee and pastries, etc. Registers were emptied by whisking away the inside of cash drawers, and empty ones making replacement. That seems reasonable.
Imagine going into AutoZone, and they’re counting stacks of money on the counter in front of you. Or Sears. Or WalMart… or, anywhere else.
Starbucks’ practice is a temptation for sure. Counting stacks of money in customer view can embolden a thief, who may don a mask and time a return trip. In my case, I witnessed a large stack of money totally unattended for a lengthy period of time. Technology (cameras) notwithstanding, it remains poor business practice.
And that is my point in wrapping this series. I’d welcome your comments.
NP (now playing): Jethro Tull, War Child.]]>
September 7, 2010
Starbucks Customer Relations
PO Box 3717
Seattle, WA 98124-3717
Dear Sir or Madam:
I wish to make you aware of what I believe to be an ongoing bad-business practice at one of your shops. It concerns the [address] location.
I do most of my work at Starbucks: I am a book author, writer (paid technical blogger), and IT consultant by profession. I am a steady customer: Some weeks, I am there working every day; other weeks minimally three times.
I have professional standing for both a complaint, and positive suggestion, that I’d like to make. (You may review my standing by Googling The Business-Technology Weave). Absent treatment of this complaint, I will have to find another location for my business writing. I do not wish to do that.
This past Sunday, September 5th, I was using my laptop, writing my latest article for my blog, when I noticed a large pile of cash on the counter (to one side of the food display, opposite the cash registers). The pile was about 6 inches high – there was also quite a bit of change on the counter. The money was attended only sporadically, when a barista performed some measure of counting. In the course of my several hours of work, the money was there, and primarily unattended – I believe there was a period of at least an hour where no one touched the money at all.
I have noticed this situation several times in the past and a thought occurred to me: It would be easy enough for someone else to notice the situation, and time a return trip from the restroom, swipe up the cash, and exit the store. (In fact, given the regularity that money is unattended on this counter, someone could build courage over the course of weeks, and time a theft). I was the only customer seated in the back on this day, and when I left, the money was still there – making a theft even easier. There were three baristas (that I noticed) on duty, and most frequently they were bunched toward the front of the store, near the drive up window and the cash register opposite.
When I’m writing, I’m focused on my laptop largely to the exclusion of my surroundings. Thus, if the money disappeared, suspicion would fall on whomever was seated toward the back of the store: On this day, me. I decided to speak to a barista about it. I chose someone I know fairly well and that I speak to often.
Our conversation was as follows, and I assure you this is very nearly verbatim:
“Hey, Helen; may I make a kind suggestion?”
The barista answered “What?”
I said, “This pile of money makes me uncomfortable; no one is watching it. Would you be able to…”
I was interrupted, “Dave, I’ve been extremely busy.” The response was snappish.
I said, “But if someone was to breeze by and snatch this, I or anyone sitting back here alone would naturally be under suspicion. This situation makes me very uncomfortable.”
The answer was very curt, “I will take that under advisement,” and the person turned away – leaving the money yet unattended.
I left the store about 10 minutes later, and the money was still there. The baristas were again bunched at the front of the inside counter area, toward the drive up window. No one was even facing the pile of money, about 20 feet away. I don’t think there was even a direct line of sight to it.
If common and, perhaps, corporate sense is violated concerning the day’s profits, it leads a reasonable person to wonder what other violations may be transpiring at the store. Frankly, money is dirty and I’ve seen food and drink mixes prepared at the same counter that the money was directly on.
Please, it is not my intention to get the barista in trouble and that is why I do not mention the name, or even gender, of the person. I enjoy talking with, and the service from, Helen, Janice, Sally, Tim, Jerrold, Sharon, Martha and the other personnel at the store; I also know several other customers and enjoy the atmosphere. My letter is sent so that the manager of the store – Jackie (who was not there on the 5th) – can train staff to a better level of standard regarding simple business security. Perhaps the manager herself needs training.
I’m not privy to Starbucks standard business practices, but is there no office in the back in which to count money? Is there not, at the very least, a table? Certainly there must be a private area, away from general public traffic, for the handling of large sums of money? That would be my first suggestion – and one that comports with common business advisement and secure practices.
Lastly, if a customer makes a good-faith suggestion, in the kindest of tones, service personnel should listen and at least be courteous. A snappish response was a surprise to me.
Clients pay me to advise them regarding security. My counsel: In the realm of risk, unmanaged possibilities become probabilities.
For the [store name] Starbucks, there already exists risk – of theft. It is certainly a possibility that someone can take the money – totally unobserved. Given the unmanaged possibility, I believe the risk of theft is too high for sloppy handling of money at this store. Given the economy and unemployment, the sight of money is too large a temptation. Large sums of unattended money also puts customers at risk. This practice is witless.
If for some reason you believe the practices at this store to be proper, or if you determine that my concerns are off-target or my observations of the 5th inaccurate, then I need to know that so that I can make a couple decisions. Otherwise, I’d like to know what is being done to address the problem at this store.
Thank you for taking the time to listen to my concerns regarding the [store name] Starbucks store.
I.T. Wars: Managing the Business-Technology Weave in the New Millennium
Blog: The Business-Technology Weave
[phone number] (mobile)
Octorber, 24th: On this day in 1836 the match is patented .]]>
I’ve stumbled on something rather disturbing regarding Starbucks’ business practices. First, let me say that Starbucks is not a client of mine: Therefore, I’m free to speak without fear of divulging any client confidentialities – I would never speak about clients here anyway, without express permission, and an identified reason.
Also, my recent observations and engagements with Starbucks are from a purely business point-of-view on my part. There is nothing personal here, and I harbor no animosity against Starbucks – in spite of some rather interesting customer engagements I experienced. I merely observed an ongoing bad business practice, and expressed some polite concern.
Let me now set the stage (all names have been changed, save mine):
As readers (hopefully) know, I’m a big proponent of security in business and data environments. It would be difficult for any of us business and IT pros not to be – hardly a news bulletin.
Security not only includes computer systems and associated content (central and dispersed), but physical security aspects as well. In fact, the protection of business and all associated assets includes manifestly physical protections: Locked rooms, sign-in and sign-out logs, locked safes and cabinets, careful handling of money, appropriate accounting of money, and so on.
In protecting a business, we also must recognize that customers and staff are also assets, and best business practices are central to protecting those people. Physical business security promotes safety and ongoing surety.
Any security should also harbor a basic, rather simple, concept: We shouldn’t tempt thieves. We don’t want to make ourselves a target. Therefore we don’t “front” certain light, transportable, easily carried and hidden assets. Like money.
Well… most of us don’t.
A few weeks ago, this writer was laboring mightily on behalf of this blog when I noticed something peculiar: There was a large stack of money on a counter. A pile of bills. Unattended. It was at least 6 inches high. Further, it was on the counter next to the food and drink display case, and this counter itself is used to prepare food and drink.
I’m no prude, but my first thought was: Money is dirty. It is generally kept well-clear of surfaces where food is handled. Starbucks uses plates, of course, but still… I approached the counter and spoke to the nearest barista (Starbuck’s preferred term for their customer service folks, for the uninitiated). Very politely I said, “Hey Helen, there’s a big stack of money here…”. I was about to continue that it made me uncomfortable, but Helen snapped, “Dave, I’ve been extremely busy.” I understand being busy, so I merely continued, “Well, it makes me uncomfortable to see it here unattended…”. I was informed that this is where the money was always counted. (This, despite a desk and computer in the back, where I would presume the accounting information would eventually be entered…).
I very politely asked to speak to the manager, “Jackie.” I was told that she was in the Bahamas. I returned to my work. But presently, with the money remaining on the counter for over an hour (and still there upon my departure), I decided to make contact with Starbucks corporate headquarters. Under the Customer Service tab on the website, I was heartened to see that they’re “here to listen” and that they want me to enjoy my trip to Starbucks every time I visit the store. They provided a physical address: Starbucks Customer Relations, P.O. Box 3717, Seatle, WA 98124-3717.
I wrote a very nice letter. I will post the letter tomorrow, and then pick up this series with Part II, and Part III, where I’ll detail Starbucks subsequent interactions with me, and what they told me about the handling of money vis-à-vis business security. There are also a number of other violations of standards as indicated in The Weave, and general common sense business-dictates. I’ll detail those too – there are some great lessons…
You won’t want to miss the discussion of their business posture.
October 22nd: On this day in 1746, Princeton University (NJ) received its charter.
How does the biggest social networking site suffer a data breach?
Breaches are so mundane, and I expect better from facebook: I mean, I rely on banks, universities, government agencies, restaurants, etc.… for breach of data. (Cheesecake Factory, anyone?!? Gosh, how’d you like to be on the same level of security as the Cheescake Factory?).
Once again, I refer you to the Privacy Rights Clearinghouse’s Chronology of Data Breaches for a little perspective.
But facebook? C’mon. You do almost nothing but handle personal details of people. You don’t have much additional challenge – it’s not like you’re balancing our bank accounts, handling sophisticated things like mortgages or something. For that matter, you don’t even have to serve cheesecake. It’s all about sending “winks,” or “pokes,” saying “hello” and slamming teachers, or something like that (so they tell me).
I just noticed something else: facebook is not FaceBook. It’s all lower case. Hmmm. Anyway, just so you know it’s not me that’s driving literacy and solid writing skills down. And – in the interest of full disclosure – I do have a facebook account.
But you know, I can empathize with facebook: Good help is hard to find. Maybe they just don’t have the staff, with the right chops, to keep things secure in a world of “hacktivists” and other ne’er-do-wells.
Which gets me to thinking: I experienced something at Starbucks the other day that was quite surprising. Very surprising. It was what I consider to be a total breach of common sense, sound business practice, and security.
I’ll have a three-part series beginning with my next post, along with a nice letter I sent to their corporate headquarters (After all, Starbucks says right there on their corporate website: “We want to hear from you”).
Until then – stay safe.
October 18th: On this day in 1892, the first commercial long-distance phone line opened, Chicago to New York (and that, my friends, was a milestone in the business-technology weave).]]>
Last time, in Pt. 1 below, I was talking about local businesses (local to me), and a few I consult with out-of-town, lamenting the fact that they were having difficulty finding solid people. This comprises just about all disciplines, whether they’re staffing their Finance and Accounting departments, Sales and Marketing, Retail Sales, Customer Service, production lines, general administrative support, and so on and so forth.
However, when it comes to IT it’s a problem on steroids, apparently. I’ve heard a number of disquieting stories: Network Managers who slide on nightly backups (unheard of in my day, unless it resulted in a firing), programmers who fail to meet critical deadlines for new empiricals (such as price changes, rate changes, incorporation of new data points, etc.), business analysts who fail to analyze, and (the real bellwether of organizational health) even HelpDesk personnel who fail to answer service calls with requisite regularity.
Further, there is a dearth of quality in the outside agencies that any organization relies on: value added remarketers (VARs); solutions-partners, contractors – even regulatory oversight agencies. Consider what’s now going on in the housing market, and the allied foreclosure situation. We’re suffering through a foreclosure-freeze due to bank paperwork that fails to meet some sort of measure. Of course, one could suppose it’s nice that some folks get to remain in their houses a little longer, but the chief problem here is that banks not only don’t get their mortgage payments – they don’t get the asset (the house) either. Further, when the foreclosures ultimately proceed (and they will – estimated to be in the Spring), the dump of houses onto the market will really tank things.
But I digress. Consider: It doesn’t get any more regulatory-dependent, oversight-dependent, details-dependent than a bank, does it? Who are we hiring, to what standards, and who the heck are we graduating to fill critical positions?… Details, details, details. It’s always those pesky details.
However, and as promised at the end of Pt. I, I have a few ideas for improvement to the situation.
First, a question: You know that feeling you get when you encounter an organization that “gets it”? Solid customer service thrust… a sound business footing… attention to detail… things done right, right on time. A certain excellence in every touch you have with that organization. And, a very certain uniformity: Everyone knows what they’re doing, why – and enjoys doing it.
That engenders a very good feeling.
That’s my encounter and feeling regarding my local Business Incubator. If you don’t know what a “business incubator” is, let me explain. It’s a program and a space to improve the chances for new, entrepreneurial, businesses’ success upon startup, to enhance their chances for staying in business, and to help enable their growth. There is collective community benefit as successful startups grow; employing more people, and bringing positive impact to their region through vigorous and natural stimulation of the local economy. Success begets success.
According to some sources, 87% of Incubator “graduates” stay in business.
As Incubator candidates must apply and qualify for admission, and because they benefit from advice and ongoing counsel from qualified business leaders and professional staff, you find allied excellence in these startups. Their ideas, solutions, goods, services, and ethics harbor qualities that match the Incubator itself.
I would suggest that established and successful businesses, as well as individuals, might get to know their Business Incubators, and rake them for any startups that might deliver the very services you’re looking for – to the measure of your needs and standards, and likely at a very favorable cost. Google “Business Incubator” in your town to get started.
Another suggestion as follow-on to that last post: Professional associations of various stripes abound, but a nice one to examine is the Association of Information Technology Professionals (AITP). Locally, I’m working to bring students into my AITP in realizing fresh actualizations and relationships for everyone’s benefit, including my own. Not just IT students: Obviously, we need all manner of business students too – in tightening and freshening the general Business-Technology Weave.
Students who are otherwise knowledgeable often don’t know about groups like these. I’m on the hunt for the brightest and most motivated – they deserve a place to learn, grow, and as importantly, contribute.
Well, those are a couple of my suggestions and ideas. I’d like to hear yours. What can we do to ensure a qualified candidate pool for all disciplines associated with The Business-Technology Weave?
I think it’s time to get imaginative…
October 15th: On this day in 1951, the television show “I Love Lucy” debuted on CBS television.