March 21, 2010 9:41 AM
Posted by: David Scott
, change management
, IT change
, project management
It must be remembered that there is nothing more difficult to plan, more doubtful of success, nor more dangerous to manage, than the creation of a new system. For the initiator has the enmity of all who would profit by the preservation of the old institutions and merely lukewarm defenders in those who would gain by the new ones.
It would seem pretty obvious that change is a routine part of life. However, you wouldn’t know this by observing some people. To them, change is an outrageous imposition: a bolt of lightening out of the blue. To them, when a “rare” occurrence of major change does come down the pike, it should be something that poses no special challenge, no obstacle to be overcome, and somehow those effecting the change should make it transparent to them.
Change is challenging – there’s no getting around that. Under the best of circumstances it will involve everyone’s best game – therefore, it is important to get everyone possible on board in support of the agenda for the change. For those who are determined to drag their feet, or even undermine the agenda (and there will always be those), you must be prepared to neutralize their impact. Certainly there are ways to work on negative people to bring them aboard or to at least gain a measure of cooperation from them. But recognize that the larger the change, and the larger the organization, the more the likelihood that you’ll have a measure of people that will simply forestall change. Be certain to get sanction and support for any workarounds you employ for these people, and document any stalls to protect yourself and the project.
Change must always support business, enhance business, and keep business current and moving. Change cannot, and does not have to, impede business – either situationally, or through delivery of unanticipated harm – such as poor fit solutions, hobbled systems, etc. Remember too that outside change (change external to your organization) demands internal change. As change is coming anyway, you must get on a footing to welcome it by being ready for it – and, barring unforeseeable circumstances, by leading and directing it.
Also, we must gain an important clarity. Today’s organization should keep foremost in mind that most IT-managed change (save for hard technical projects) has true origination outside of IT. Everything germinates through the conduct of business. A department may need a new module added to the organization’s core business application to accommodate new business, practices, or regulations. You may begin or expand an e-Commerce initiative. Perhaps your organization needs a new e-mail system that supports more capacity, better security, and easier user administration. Even seemingly “technically-driven” episodes can have a “business” motivation. For example, a vendor may have a new release of software that requires immediate implementation for security purposes. In this case IT notifies Business of this upcoming implementation, and negotiates schedule and necessary support. We could view this as IT-driven change. But even here, we’re really speaking about a “business” genesis; we’re accommodating the “business” of the world’s demands to our own business security posture. In other words, we’re never really implementing software or dispensing change at some IT whim, or pure IT instigation.
A Basic View to Understanding Change
In gaining a basic understanding of change, look at simple change that has direct impact on Business, and the way business is conducted. Leave consideration aside for the moment for the pure IT initiatives, as these should be transparent to business: updates to backup routines, network infrastructure, operating systems, the changing of Internet service providers, etc. These sorts of “computer room,” or backend, things certainly enhance business in important ways. But the real trick in handling change is when changes affect large groups of users in your organization. That is, “front-end” change – stuff that hits the desktop and creates a challenge for Business. Change that influences people’s day.
Also, be sure to qualify change as being appropriately “sanctioned” – approved in accordance with all other requirements. Change, being the challenge that it is, is often seen as some titular mount: Rather, change is wrapped inside ongoing business. At the first sign or plan of a necessary change – be it major upgrades to core business platforms, or more mundane things such as rollout of new PCs, upgrades to peripheral shelf software, etc. – IT and Business must always review the organizational calendar for obvious times that don’t offer themselves as good periods to support a particular change. It would not be good to implement a new e-mail system during the run up to the annual conference, for example. Talk to executive schedulers and key department heads; there is a wealth of information to be considered, formal and informal, regarding general schedules and burdens to the organization. Know the organization’s general calendar.
Also explore those demands that may not yet be documented – we’re back to knowing “where you are.” Then, through the BIT team, further survey departments and discuss their internal calendars regarding their major activities. When determining where best to place change, be sure that you view requirements through the people prism. After all, the priority and goal is to serve business – not to impact business. People need, and are entitled to, a period of adjustment even regarding relatively small initiatives that affect them. They will need to adjust and size their attitude – managers will need time to inform their staff.
Sometimes certain business schedules can make allowances to accommodate implementations. As well, IT will often have to adjust because of some unforeseen cycle of business. It’s a give-and-take. Also remember that departments aren’t “silos” operating independently of all other departments (although occasionally they may try to operate that way). Elements of change will need to be negotiated between many departments, and there must be appropriate lead-time to allow for this.
For the IT leader, most change can be negotiated and driven from your participation with the BIT team. Whether change originates through a debut within the team, or needs are identified elsewhere and subsequently brought to the team, the BIT team should be where most of the sizing gets done. That is: negotiations, agreements, sponsorships, schedules, ownerships, identification of metrics, standards of delivery, etc.
Change happens with or without your control. If you don’t direct and control change – it will direct and control you.
March 19, 2010 8:30 AM
Posted by: David Scott
, business management
, change management
, IT change
A frequent complaint, or lament, in various versions that comes to me from both business and IT people is: My organization doesn’t handle change well; my organization doesn’t like change; my organization won’t change; my boss fears change; etc.
We can smooth the sale for any specific, necessary, change by defining and selling the benefits of effective change – paired with the risk of inertia. Just as importantly, we expose the rising risk and rising cost of ineffective change management – that is, so-called change management that becomes complacent – in an overall world environment of accelerating change.
We can say that change should be an easy “sell” because, if you think about it, you’re going to “buy” some kind of change whether you plan to or not. Change is a default setting – you can’t uncheck a box and remain static in any endeavor. You’re going to acquire change no matter what position you’re in, and you’ll either change as a reaction to other changes, or you’ll lead your necessary changes. As the world at large is going to force you to “buy” changes, you want to buy (to identify, lead, and emplace) the best changes – you don’t want any difficult (reactive) buys. You must get into a position to leverage that default change dynamic to your advantage. And so Change Management is a discipline – and that discipline is exercised on an ongoing basis, if only to stay abreast of what is upcoming, and making sure to implement necessary changes at favorable times to the organization based on such things as business cycles, travel, new products and methods, other changes, and so on.
It is important to understand the environment that carries change to its successful destination. We can have the best BIT team (business implementation team) in the world, identifying all necessary and correct change – but what happens if even prudent, appropriately sized, change is improperly managed? What if we attempt to change too fast? What if some elements of the organization aren’t ready? What if BIT misses some important ‘where we are’ factors?
We need a close interaction of Technology and Business within our Weave to ensure a basic understanding from both directions in defining, tracking and managing change. Further, this interaction goes beyond management and BIT. This involves the whole of the organization and its associations: staff; vendors and contractors; frequently clients and customers… Too often, change is planned and discussed in the crucible of some rarified group who view change as a secret, to then be announced and dropped like a bomb. The group often views change as scary to the organization, and therefore tends to be draconian in planning, communicating and rolling out change. The higher-ups in the organization sometimes figure that change is a difficult sell (believing that most people fear and do not like change), and therefore the bulk of the organization is predisposed to not buying change. This isn’t necessarily so, and change can be an easy sell.
In order to make change an easy sell, we must have a basic understanding of change in simplest terms, and from anyone’s perspective…
Next - Change: The Basics
March 17, 2010 6:15 AM
Posted by: David Scott
business and IT
, business plans
, business policy
, corporate culture
, IT plans
, IT policy
, people prism
, the business-technology weave
Always view your organization through the people (Business) prism first, and mold the technology to those needs. This may seem obvious but many an IT professional misses, or forgets, what we discuss here. True, there will be times when evolving technology will drive business practice to a degree, but you must always consider the business requirement and impact to people. This will come naturally to the Business leader, so let’s concentrate our attention on IT’s necessary people-awareness in getting the organization to where it’s going.
Developing a model for identifying needs, finding potential solutions for support of those needs, and exposing the organization to the choices requires cooperation. Subsequently, choosing the best solution, managing its implementation, turning on the solution, and ensuring its effective use requires your ability to effect the best collaboration among people. Of course, the biggest challenge in any endeavor, technical or not, involves human beings. Managing people – not just the formal management of those that report to you, but to include the informal managing of those around you, above you, and even external to your organization – can be difficult. Maybe you think it’s always difficult, only varying by degrees. It doesn’t matter – the fact is that you want to manage as effectively as possible. You have to build teams. These teams will comprise business partners and technology partners.
You want to get along with everyone, but you must get the best from everyone – not just your staff but also your boss, your board, your fellow managers in other departments, your solutions partners such as vendors and contractors, and associates in other organizations. In other words, we want everyone’s “best game.” You want to contribute to everyone’s potential to bring his and her best game to the mission each day – particularly when partnering with you. That’s a weave that’s mutually reinforcing – the better you get people to partner with you, the greater your success and standing. Much, if not most, of what you do depends on others. The larger an endeavor, and the more comprehensively it affects the organization, the more people you’ll have contributing to the success of the endeavor (and therefore to your success).
At the same time, you’ll have more people who have potential to limit your success. There will be those who will resist change of any kind. The people who resist change most effectively are the people with the power and means to do so – unfortunately. But that is the sense of it – they’ll have the weight to throw around in resisting and stalling projects. They won’t contribute unless pushed and forced to contribute. Part of your success in contributing to an organization’s evolution – its ongoing successful transition into the future – will be to know when to do the pushing yourself, and when to defer it to another – your boss, for instance, or another authority (for instance his or her boss, etc., on up the line depending on the level of the person who needs the push, and the critical nature of lags). When necessary, you’ll have to know how to present the deferment.
You’ll need to use the appropriate language, tone, reasoning, and degree of brevity or detail. Remember to “speak to your audience” – for example, keep technical details away from top management, unless solicited, and rather expose the business facet of issues. Obviously always start with your direct supervisor. Remember that for any technical arena, on any technical project, in any IT department, you are wrapped in a business environment – people determine where you’re going, people will determine your level of success, and people will always be your biggest challenge. Many a professional has delivered top flight solutions, repeatedly, yet fails to advance – and wonders why. Always assess how you’re speaking as well as what you’re speaking, and to whom and why.
Know the people (their capabilities, their prejudices, their strengths, their weaknesses, their fit to other people, etc.). Have a good look at your organization today - through the People Prism.
March 12, 2010 10:45 AM
Posted by: David Scott
Knowing Where You Are, Part II: What Do I Do Now?
Yesterday we talked about two very different types of organizations: Those that “get it” in terms of today’s interwoven Business-Technology Weave and… those that don’t.
In either organization, what does the IT leader, the IT staff member, and the IT-engaged business person do? What is anyone’s obligation in truly understanding “where you are,” in order to craft the “where you’re going” – the ongoing route into the future?
¨ Understand and establish your authority
¨ Identify your sponsors
¨ Determine the limits to which sponsors can back you
¨ Understand the organization’s people
¨ Identify and know your resources (quality, quantity, flexibility, and so on)
· Equipment: platform, infrastructure, systems (both business and IT; inside the org, and necessary outside ones (such as public infrastructures, …)
· Vendors, contractors
· Etc. – that is, use your imagination in identifying everything that influences and defines “where you are.” Much of it will be unique and outside the purview of any specific guide or advice.
¨ Understand your sanction
· You must know where the organization wants to go
· Understand the limits of your “lead”
· Agree to levels of participation
· Agree to rates of progress
· Get “their” commitments first, when needed for “your” commitments
· Document commitments, agreements, etc.
In establishing where you are, don’t forget the status of readily observable and, relatively speaking, easily measured systems, infrastructures, and procedures – the state of those things also factor into where you are. Anything that is poorly maintained, yet easily measured, shows a problem in managing routine things. There’s a clue: Imagine the problems you’ll encounter when there are challenges in arenas that may have more subjective, and even political, considerations. So look to these empirically measured areas as an overall barometer to the organization’s effectiveness and success – its success culture as a feed to the overall eCulture.
Remember that one of our destinations is to get you into a specific successful eCulture, The Business-Technology Weave: a culture whereby business and IT engage optimally, for optimal outcomes – on an ongoing basis.
Understand “where you are” to effectively plot where you’re going.
March 11, 2010 7:19 AM
Posted by: David Scott
, business management
, business plans
, business-technology weave
, futures planning
, IT plans
Two Types of Organizations – Where Are You?
In today’s business environment, from the Weave perspective, there are two types of organizations. Simply put: those that understand how to manage business-technology endeavors, and those that do not. In order for the IT leader to effectively manage – to maximize that department’s support to business – the organization as a whole must be able to effectively manage IT. It’s a partnership – but a partnership that Business manages.
A frequent complaint from IT leaders (and quite a few business leaders) translates as “my organization doesn’t understand technology.” The follow-on from Business is that systems are cumbersome, don’t deliver as expected, and that IT help is frequently ineffective. A parallel IT follow-on is that senior executives, directors and managers don’t understand IT, and many simply care not to. Within these circumstances, Business and IT fail to set an example, which means that staff fails to understand, or seek how to effectively use, the technology at their disposal. The result is that many organizations don’t understand technology’s true role in the organization, and our modern responsibility within that.
On one end of the extreme is the organization that thinks of IT as a sort of glorified typewriter repair. Plans and success for optimal alignment between business and technology suffer here, but so too does the day-to-day. In other words, people at all levels of the organization first and foremost think of IT as a place to call when their PC acts up. Theirs is a rather benign, naïve view of the technology lever – and therefore they don’t grab that lever and use it to maximum effect. The organization does not reap the best return on its technical supports and investments. In this realm too are those that resent technology – they have an adversarial relationship with it and the people who support it. At best is a view that technology is a necessary evil of sorts – there is a diminished and delayed engagement on the planning and execution of solutions, as this engagement is viewed as a difficult, unrewarding, endeavor.
At the other extreme is the organization that “gets it” – IT occupies a place at the organization’s planning table – there’s not a relevant business decision made without IT’s knowledge, and it’s recommendation. People respect technology’s interwoven contribution, and they value the professionals who work within this important core endeavor. In these environments, people poke, explore, suggest and expand systems’ capabilities. They are more likely to self-motivate in expanding their knowledge, and in contributing to the forward momentum of the Business-Technology Weave.
Most organizations fall somewhere in the middle. No matter where your organization falls, there is always room for improvement – as we shall explore in the coming days and weeks… the first important key is to know where you are. You cannot get where you’re trying to go if you do not know where you’re starting from. Tell me how to get to Chicago. Tell me. You must first ask me, “From where are you departing?”
In the next day or so, we will next explore a simple checklist for determining where your organization IS, (in terms of culture, business-technology acumen, protocols for planning, etc.) in order to effectively plan the subsequent “destinations” of projects, deliveries, and various positionings for implementation of new products, new training, new security measures – all the demands a changing world makes.
Knowing where you are – where you truly are – helps you to maneuver, and helps your organization as a whole in piloting its way forward to the ultimate destination: Success.
March 8, 2010 7:12 AM
Posted by: David Scott
, business management
, business planning
, business plans
, change management
, IT implementation
Getting to where you’re going involves a sale. It’s true: If you can’t sell your creation to the organization – your idea, your vision, your direction for the organization – then you’ve labored in vain. There must be a belief in a business idea, or a technical solution, or any combination – and that belief is “sold” to other believers. In a larger sense, the organization must sell itself and its own objectives to its staff. Selling, whether believing in a proposal, product, solution, service, new method, etc., means effectively communicating to those who can help you and who can partner with you to achieve the aims. In doing this, we can ask: “How do we qualify to sell?” and “Where do we sell?”
For an effective partnership, we need to create a sales ready environment into which appropriate people can direct those energies, and vet these ideas. When we talk about identifying, planning, and selling change here, we’re really talking about achieving a shared vision and consensus – a belief – between Business and Technology for achievement of best change. Best change means that we deliver something suitably sized, based on proper expectations, in the most effective manner possible. We need an effective teaming: one that minimizes the opportunity for mistakes; wrong impressions; erroneous expectations; wasted time, money, and energy; and delivery of wrong, or diminished, things. An enterprise that structures itself for efficiency and delivery of success through effective communication, mutual understanding, and collaboration. The kind of collaboration that is positive so as to move business forward. Let’s repeat that: to move business forward.
Moving Business Forward
Whatever your organization’s mission, product, service, desired accomplishments (its business), all effort should be directed to that regard. Any suspect activity can be illuminated by the simple question: “Does this move business forward?” (Or, thought of another way, “Does this have business value?” There can be many versions to this question, but they all essentially expose an answer that must meet the qualifier of advancing business’ interests). Any answer short of ‘yes’ is unacceptable. This qualified engagement helps to eliminate wasteful politics, dismantle the “silos” of departments, and diminish posturing on the part of individuals. Just to be clear, we’re talking here about exposing inhibitors to good faith partnering in conducting sound business. Anything that moves business forward is not necessarily appropriate – your organization’s ethics and good legal standing are assumed to be in place.
(Not Just) Another Team
So, to help us remain within a proactive, forward thinking, and positive posture, we’re going to lay the groundwork for a qualified partnership between IT and Business. In short, we’re going to create a team.
We’re not just creating another team – we’re going to create a special team in crafting and maintaining the Weave: the team. This team will have as its prime goal the “perfect storm” weave of People, Policy and Process when crafting, steering, and delivering success for your business-technology investment. We’re going to need some rules for the team. We’re going to define the structure and means for interaction by members within the team. And, we’ll show how best to communicate the team’s concerns, conclusions, and recommendations to other management – for sanction, sponsorship, and delegated action in achieving results.
It’s amazing how many organizations make ill-informed decisions. Whether they leave out major business players that have a stake in the decision, or build a business solution independent of the most reliable and effective “technical mesh” to business, this poor decision making process is costly: in terms of budget, morale, productivity and, increasingly, security. Exacerbating the problem is a common reliance on poor, even ad hoc, communications to the organization itself regarding important central, core, business changes.
It’s also confounding that IT frequently finds itself on the coattails of the decision-making process, often being the recipient of an approved “solution” with orders to “make it happen.” Once IT is in the game, IT is frequently the unhappy participant who discovers all the other unsurveyed entities that have a shared interest in the change, and who now have major, legitimate, and sometimes competing concerns. None of this is good. All of this is avoidable.
In order to collaborate effectively, IT and Business must first communicate. In order to communicate effectively, there needs to be an identified group of qualified “communicators” – people who will help to identify, plan, and support change in a knowledgeable fashion. Do not waste time by putting unqualified persons on this team, such as those who do not appreciate policy and business objectives; who may not understand process; or those who do not utilize technology well (or who even may have an adversarial relationship with technology). Do not waste time replicating some other dysfunctional team, or teams, in your organization.
The participants must come from those parts of the organization that effectively manage business and manage IT. Individuals from both areas must understand the means by which business is conducted – these are the middle and upper middle managers, and as necessary those visionaries and planners who are identifying emerging business and practices. That is, those privy to the organization’s direction: they who can bring timely notification to the group of new business directions, emerging requirements, and technical developments – with the sanction of the necessary governance and senior executive management. This group will become that special team, and we’ll call this team the Business Implementation Team (BiT). You can call it what you wish, of course, but here we’ll refer to it as BiT.
The Business Implementation Team (BIT)
The creation and successful launch of the BiT team will require your ability to sell the concept to your supervision: your boss, his or her boss, and any other necessary approval authorities, and subsequently, you must sell the concept to the other managers and directors in the organization. If your organization already has some sort of regularized or formal meeting between IT and Business that is successful, you are largely set, and can glean from this discussion those things that will enhance your team. If, however, you don’t have something like BiT, or if you have a somewhat dysfunctional or poorly defined version of BiT, then you’ll want to launch a newly defined team and meeting to fill the void in the case of the former, or to emplace an effective table in the case of the latter.
The BiT team provides a forum for interaction by IT and Business. The participants, schedule, and agenda flexes according to many things: business cycles, budget cycles, periods and locations of heavy implementation, periods of relative inactivity. Ideas can be debuted and discussed in the BiT forum: new, upcoming business postures can be exposed for discussion and planning; a business-delegate can impart desires from a governance committee; IT’s supervision can sit in when desired or necessary, exposing the organization’s leaders to new technology planning and impact, or announcing major, upcoming changes that require Business’ involvement. This is where business leaders can effectively expose department needs and solicit ideas. As necessary, other staff members with specific job functions and specialized job knowledge can participate when necessary. Solutions partners, in the form of vendors or contractors, should be invited to participate.
For example, during major software implementations, the BiT team would comprise those department heads affected by the new software. During budget planning, the BiT team would want to pull in all major department heads to discuss common needs. Changes to the web or e-Commerce would involve the relevant people. In these examples, all proposed needs should be identified – vetting them can ordinarily transpire in BiT. However, there will be times where sensitive vetting takes place later between the IT leader and her supervision, and in-turn the necessary senior-most Business individuals.
Depending on the organization, the BiT team may meet quarterly, it could be monthly, sometimes weekly, and it will meet off-schedule sometimes. The schedule and participants will be determined by the needs. Generally, it should be IT’s lead to make these determinations, as the BiT team should be seen as an IT-hosted and lead endeavor in service to business. The agenda should be assembled by IT, with input from Business. However, at times and as necessary, anyone on the team can suggest a meeting and agenda.
Hopefully IT can see the need and utility for the BiT team – but if one doesn’t exist in your organization, it’s likely because Business has not understood the need for one. How to sell it to Business? A sponsor – a believer – needs to debut the idea with its direct reporting authority first. A Business and an IT person can pair and best sell BiT to an immediate authority, who will in-turn sell it to the highest possible authority for sanction at the very top. You can print this blog item and hand it to someone with a request to read.
Perhaps the biggest selling point to BiT is that it is, in addition to other things, a mindset. The BiT team will be about moving business forward. BiT will be proactive, prudent, positive and empowered. A successful sell, launch and exercise of a BiT team in your organization will not only make the managing of business better, it will change your organization’s culture. We can predict this because we are going to do something with the BIT team that is unusual for many organizations. We are going to make it effective, efficient, and accountable – collectively, the team will account, and the individuals on the team will account.
We are going to ask for and engage everyone’s best game. We’re going to create a point of pride – and we’re going to stamp this team with excellence. People are going to be proud of what this team produces, and people are going to hold their membership on this team in high regard. This is largely why, if you have a similar but less effective team in place now, you must sweep it away with BiT. BiT will have a discipline in attitude, subtle yet strong, that will sway the most negative players into a zone of increased positivity. Why? Because they will be required to engage that way when they participate on this team. That requirement will be delivered and backed by a power greater than the IT leader or any laterally situated Business leaders – that’s for certain:
As we stated, the sale of the BiT concept must be made at the highest possible level, and you must receive sanction there. Once you make that sale, you will leverage your sale and explanation of the BiT team to the other players by having it’s debut and related importance communicated by that power. We are going to have the team’s culture defined and sanctioned by the level of power in your organization that can require adherence to a set of principles, and dedication to good faith efforts. Thus, we create a zone within your organization’s culture. It may be an island at first, or it may fit your organization’s current culture reasonable well, but regardless its influence will be felt – and in more ways than one.
Change: An Easy “Sell” – a Difficult Buy?
We can smooth the sale for BiT by defining and selling the benefits of effective change management – just as importantly, we expose the rising risk and rising cost of ineffective change management - in an overall world environment of accelerating change.
We can call change an easy “sell” because, if you think about it, you’re going to “buy” some kind of change whether you plan to or not. Change is a default” setting – you can’t uncheck that box and remain static – in any endeavor. You’re going to acquire change no matter what position you’re in, and you’ll either change as a reaction to other changes, or you’ll lead your necessary changes. Since the world at large is going to “force” you to “buy” changes, you want to buy (to identify, lead, and emplace) the best changes – you don’t want any difficult buys. You must get into a position to leverage that default change dynamic to your advantage.
It is important to understand the environment that carries change to its successful destination. We can have the best BiT team in the world, identifying all necessary and correct change – but what happens if even prudent, appropriately sized, change is improperly managed? What if we attempt to change too fast? What if some elements of the organization aren’t ready?
We need a close interaction of Technology and Business within our Weave to ensure a basic understanding from both directions in defining, tracking and managing change. Ultimately, BiT involves the whole of the organization through its influence.
March 4, 2010 7:11 AM
Posted by: David Scott
, data breach
, data security
, data theft
, identity theft
, IT security
Everyone in the organization needs to be a mini-Security Officer these days. What does that mean? It’s time for each person to recognize that every action must be viewed through the prism of security, and activity must be conducted in accordance with defined, attendant, values and standards. It’s part of today’s BTW.
Consider: It has just now come to light that approximately 39,000 physicians and other health care providers in Massachusetts are being warned that personal information, to include Social Security numbers, might be compromised. This past August, a laptop containing data was stolen from an employee at the Blue Cross and Blue Shield Association’s national headquarters in Chicago. Thanks for the timely notification!
It’s easy enough to gauge the general extent of the problem: Just Google “data breach,” “data theft,” etc. In the face of these data thefts (and the vast numbers are hushed), the organization must value security: it must train to, and perform to, specific security standards as determined by the organization’s business, environment, risk, and related needs. Rather than representing an expensive burden, security becomes a weighted concern for new employee orientation, updated refresher trainings, internal organizational newsletters, and so forth. Security consciousness and performance becomes a rated area for every supervisor’s evaluation of every employee during the appraisal process – governance to intern. It’s the business of security as pertains to the organization’s technical assets and data: The Business-Technology Weave.
In the BTW, data security is not the province of IT. It is the province of the organization. Who owns the data? The organization does. IT most definitely can select, size, and maintain security systems – in the technical sense. IT can also train people for security awareness and best practices. But it really needs to be business, as the ultimate stakeholder, that secures business – and business must be intelligent enough to oversee IT and the related security measures there – as well as in the simple human realm. After all, most breaches are due to human error. Who at Blue Cross and Blue Shield allowed the laptop to be stolen? Were there standards for securing laptops? Cables and keys for cubicles? Secure docking stations? Locked doors for offices and protocols for stepping out? Was there security guidance for using, handling and storing laptops? There was? Then, what happened to the employee who “lost” the laptop? Sometimes, examples need to be made…
Any business will get it soon enough: preparedness and prevention guards against damage to the organization’s number one asset: its reputation.
As we’re fond of saying here at the BTW: In the realm of risk, unmanaged possibilities become probabilities. Start thinking about risk and liabilities now, and get security on the table before something like this happens in your organization. Research and educate yourself for all manner of data breaches and how they occurred – then survey your job, your activities, and your place of work for risk. Make suggestions and inspire or take appropriate action depending on your place in the organization.
Get started today.
Coming up: What the heck is a BiT?
March 1, 2010 2:43 PM
Posted by: David Scott
, business-technology weave
Greetings fellow business and IT travelers, and welcome to “The Business-Technology Weave” (BTW). The BTW is essentially a brand of electronic culture – an eCulture if you will – that recognizes the interwoven reliance of business and technology, while crafting and sustaining that culture for best returns on present and future business. More about eCulture in the coming days.
By way of introduction, I’ll bring some observations on my part regarding things I’ve seen over the course of 20+ years – both in the trenches (HelpDesk, network engineering/management, direct project management…) and from “on high” in senior executive management, and how I turned those observations toward better business and IT practices. Further, the observations are common to all sorts of environments: public and private, Fortune 500, government, non/not-for-profit, sole-proprietorships and even personal computing. These observations concern the divide between the necessary business of getting things done and the technical supports that enable and sustain that business.
In the middle is the usual politics: user fears; board, management and budget influences; time constraints; costly mistakes; the struggle with vendors and solutions providers; and anything else that whisks us away from our initial expectations, and our carefully crafted projects, timelines and deliveries.
In other words, situations are often inefficient at best, broken at worst. It is a challenge, and ever more so in today’s quickening environment. Even in the best of these, there is always room for improvement – with attendant rewards. Our goal is to make careers and business more secure, more efficient, and more satisfying – while delivering ever greater returns to business, clients, and customers. Whether you’re “Business” or “IT”, you want optimal returns on your investments: Dollars, efforts, and teamwork.
Business and technology are interwoven today. Remove technical supports, and business may sustain 5% productivity. Therefore, here in The Business-Technology Weave, we’ll do three critical things: We will close divides, we will direct purpose, and we will achieve results.
In following the “rule of threes,” we’ll also consider three essential organizations out there:
1) The organization that “doesn’t get it” and likely won’t in terms of creating and sustaining a valid eCulture. They’ll be history.
2) Organizations that do get it, and are “there.” These organizations need to remember (particularly during change of key personnel, and during the stress of large-scale IT and business change) that there’s always room for improvement. Best practices must be maintained and maneuvered into the future. New practices will emerge.
And 3) Organizations that aren’t yet there, but are open to and even questing for a modern eCulture. This may well be the bulk of organizations out there, and you just might reap some nice bonuses for ideas and deliveries of new and better ways of looking at things. Who among us cannot use some accolades for achieving things, sustaining best practices, best progressions, and better business?
A final thought: This is the IT Knowledge Exchange, and the majority of readers are likely “IT.” However, in helping “business” (non-IT) people to help you (IT), it is our goal to craft this forum such that your business people can come here, learn, and better interface with you. Please point them here when relevant topics are discussed. This just might be the forum they’ve needed for a long time, even as they didn’t realize that need.
Welcome aboard! And in the next days, we’ll get down to the business of better business.