IT doesn't risk boring business. It risks amusing it too much.

Time after time, I find clear evidence that we, the IT professionals, are promulgating policies we think we should promulgate but we know users will ignore. The gulf between policy and practice grows wider. Dilbert grows bigger. Scott Adams accumulates more material. And so on.

These massive "don't ask, don't tell" deceptions - the promulgation of little white lies - destroy credibility.

So, for example, we persist in the notion that end users abuse e-mail and store too much there and transport things that should be elsewise transported. So we rail against users, institute draconian quotas and issue "get tough" proclamations (along with "reeducation campaigns"). Meanwhile, IT professionals are often the worst offenders. Why? Well, because our proclamations are wrong.

Consider the town green with a few paved foot paths. They're where people are supposed to walk. What if the town finds that there are unpaved foot paths trodden by people ignoring the paving? What's the right thing to do? Erect fences to force people onto the paved paths? Or pave the unpaved but well-trodden foot paths?

When policy and practice are out of line, sometimes it makes a lot of sense to adjust the policies.

Submit a Comment | Permalink

I like the idea of following the user - as Tom puts it 'paving the well-trodden footpaths'. As IT folk, we need to take care there as well though.
If we formalise the workaround, we're possibly ignoring the underlying issue of why people aren't using the footpaths. It might be that the paved footpaths aren't comfortable enough, and by paving the unpaved ones, we're just forcing the people to find a new workaround.

Policy is the crown jewel of mediocrity. In this economy, every company needs to be thinking with entrepreneurial bent. When you create a pattern for every action, you reduce the opportunity for new, faster solutions to emerge. You absolutely limit your brightest thinkers. Think... can you name one policy you are aware of that one of the best / brightest in your organization created? It's unlikely. The brightest will never be happy with the same results, they want better. If you have to set extensive guidelines in order to achieve quality (and now I will offend quality experts everywhere) DO YOU HAVE THE RIGHT PEOPLE? To prosper, you need more folks offended by the constraints of consistency.

Another useful expression to capture your thoughts is: "Form should follow function." Are you a fan of Edward Be Bono? If not, you'll enjoy his various books on how unconventional thinking.

IT does not bore business - it frightens it.

Businesses are well aware of these small deceptions - and in every bid they are always trying to find the gotcha that means the proposal will not deliver for the business, money will be wasted, but it is never IT's fault.

To be provacative let me suggest that the sooner IT departments are abandoned and IT Skills become part of a "Business Development" department which is responsible for ensuring that business benefits are delivered or the entire section is failing the better.

IT is just one tool, if often the primary one, in delivering improvements.

First, policy-making is problem with many if not most IT organizations, mostly because IT managers neither realize the need for it nor are they trained in policy-making. Instead of 'by-design' it is 'by-default' based on prevailing notions of how to achieve control or simply be in charge of something. Making things worse is lack of clarity on what creates value and what destroys it. As a business service IT is perhaps the most ill-defined product. Many fail to separate the core package from the facilitating components such as design, delivery and support. Finally, when managers are conditioned to think of "capacity and costs" over "demand and value", you will find policing patterns such as the one you have described.

Yes I completely agree; I once spent an afternoon trying to convince a security "expert" that being draconian did not work; We need to open up "safer" channels of exchange was my pemise not make it harder for people to use the tools at their disposal and hence go underground!

alas - I did not convince her.

I agree with George Robertson. It does scare business, but every now and then business forgets and gets convinced by some project manager or IT person, perhaps wanting to make a name for themselves, that IT can deliver effectively and efficiently.

And business is too ready to swallow the "silver bullet" solution.

The problem is multi faceted and there is no simple solution - but Prof Paul Strassman is insightfull in making comments about too many choices and we are still very much a cottage industry.

I wholeheartly agree. It always amazes me how much policy is set up, which is clearly not doable. Too strict and painfull. And when you raise your voice, that users act differently you get talked down.

A typical example are enterprises forbidding external consulatants any network connectivity. This is killing so much productivity. It would be simple to set up a untrusted guest network instead of monitoring ports usage and multi page contracts for temporary network access.

A good cause of this type of permanent problem can be IT people traditionnal mode of thinking.
Rules are usually created in a mechanistic way, thinking a procedure must be fully described, laws (like in programming) must be respected, map can exactly reflect the territory...
Creative successful organizations are the one able to place, dynamically, at every moment the cursor at the "right" place between what "must" be ruled mechanistic way and what is to be left to adaptable organic mode.
This subtle game must be played for organization and/or computerization.