Hello, My name is Brian and I have an IT problem.
Actually, we all do.
I started off a geeky, unsociable, and shy nerd hiding behind racks of whining fans, choking on stifling recycled air yet somehow always wearing a jacket. I enjoyed spending hours upon hours in dimly lit rooms configuring unix daemons and rebuilding systems. Sound familiar? No? I guess your 1999 was better than mine!
Last weekend I don't think I even used a computer more than a few minutes. I was too busy diving, eating out, swimming, watching aerial explosives detonate, slathering chemicals on myself at Waimea, cruising with friends, etc.. Email? Oh my phone does that. I don't even know what variants of HTML my android's browser supports. Do I care? Nope. It's a tool and as long as it does what I want pretty well.. that's good enough for me! I'm over technology, life is more interesting. The technology is my slave. I'm not going to waste much time messing with it.
How does your business do IT? Actually.. scratch that..
Why does your business do IT? Do you even know? You probably do... deep down inside.. somewhere - but many never ask the question. We have email and spreadsheets and servers and.. backups.. because someone said we should! Industry best practice! CRM systems are proudly paraded. "We can store over 10,000 client records and retrieve anyone's within 2 seconds". I can create bar charts from Istanbul from any of 32 different OLAP cubes! Oh yeah.. that's the stuff...
So? Has that helped your business? Has it translated directly into sales? Can you actually demonstrate that to me somehow? Even if you made more sales.. did that cover the cost of your systems.. your licenses.. your personnel.. your HVAC costs.. your extra floor space.. the distraction to your business.. the additional risk you (may) now outlay. If you're a non-profit you still need some sort of review process to ask - is it working for us?
Maybe it is working for you! I don't know your business - but I do know that if you don't have some pretty confident answers (even guesstimates?) to those questions then you're Doing It Wrong (tm).
It's really that simple.. if your IT department isn't making you money - it's costing you money - and probably far more than you realize!
"But we have to have one". Really? Why? Is your business IT? If not then.. what makes you think you are any good at something you know nothing about? Even if you do.. it may not be worth your time. I'm sure most CEOs know how to operate a lawn mower. Doesn't mean we'll see them out there mowing their corporate HQ lawns. Opportunity cost? Oh yeah.
I'm not here to talk about outsourcing though.
Somewhere along the way.. many of us forgot that the whole point of IT was to support our business processes. That is.. the stuff that actually makes us money. I care about visualizing sales records only if it somehow helps me understand my product.. my market.. my customers.. etc.. If it's just a pretty picture.. well that's nice but .. not interested.
Now.. I realize I'm probably mostly preaching to the choir (At least I'm picturing Dan applauding and toasting me from his lemur mug collection - if he didn't have one before he will start one now).
Okay so if we can get over our fetish for "cool stuff" and surrounding ourselves with massive SANs and fat 10GE pipes.. where does that leave us? Do we get rid of technology? Heck no, we almost certainly need IT.
But we need to remember that IT is just a tool - the bubble that holds our information which facilititates our business - and a sysadmin is fundamentally no different than a facilities manager (sorry guys, it's true!).
IT used to be really hard. It's easy now. COTS stuff is great. Building your own is almost always a waste now. Yeah there are exceptions - you aren't one. I know it's cool. Get over it. We simply don't need big IT departments like we used to anymore.
Perhaps we shouldn't have Information Technology departments anymore.. let's replace them with.. Information Services departments or something (okay I'm bad at making up sexy names). I do think even something as subtle as continuing to call it "IT" furthers our problematic "throw systems at the wall until they stick" mentality for resolving our broken content policies. It's not about the technology!! It's about what you do with it. Make it your slave. You should have such great IM/KM people that you're throwing resources at them to improve how your BUSINESS works - tech is merely a vehicle for it!
This is why I think many of our organisations are broken and need restructuring. Too many remain tech-driven and systems-heavy with CTOs and oft-forgotten CIOs and Process Improvement guys languishing in a forgotten corner. I think it's because we like tangibles. You can pat a server and see what your money bought. You can demo that new web sales system you spent $300k on. Even if your $1M dev project fails.. well you can point to actual.. debris?
But.. Fixing the process for your sales data reporting? Rewriting your business rules for storing personally identifiable information (PII)? You want our employees to *gasp* change how they do things? Ugh.. that sounds hard.. can't we just buy more servers? Throw some crypto at the problem?
Nope, sorry - doesn't work that way. I realized this more than ever from reactions to the recent revelation of a PII breach at UH's Parking Office.
Instantly everyone asked! Why weren't they outsourcing! Wasn't it encrypted? Who was monitoring the network? Asleep at the wheel!!
Hardly anyone else seemed to wonder.. WHY the parking office had that information? Did it resolve an actual business requirement for the parking office? I don't see how. If it did then it would have been much smarter, cheaper, and simpler to fix the business process that "required" that information. Adding encryption, using better software.. centralizing your systems - yeah those are probably smart.. but if you don't even need to store the information in the first place! Well that's a grand slam.
I'm not picking on UH though - well not too much, they did mess up. But realistically most of us have this problem - we just delude ourselves. I applaud them for their transparency in the matter - many institutions do not reveal their breaches. I'm sure they have a policy on this and it just wasn't being followed here.
We have bought into the idea that information = power and the more we can amass; the more powerful and better positioned in our market sector we will be. That we'd just cram everything onto disks or a database and we'd rejoice as the money we dumped into IT systems magically produced.. candy.. mmm. Sorry it doesn't quite work that way!
Is information power? Absolutely. It's also a risk though.
And you need a plan.
And yep, it's hard.
Get over it.