There are three big problems with IT departments (IMHO):
1. Anyone who is sufficiently skilled to be good at his or her job in the IT department is almost certainly overqualified so the system self-selects out good people; and
2. Like any other support role people only tend to notice you when things go wrong; and
3. My general experience with DBAs, sysadmins, techs and the like is that they generally resent you for asking them to do things, making the entire experience unpleasant. I'm not sure if such people are attracted to such positions or such positions end up making such people but whatever the case, "surly" is a commonly appropriate adjective to use. The cliche of the bearded UNIX purist exists for a reason.
At Google, I've generally been very impressed with our support people, both the field techs and the SREs. I would hesitate at calling Google's recipe a success for running IT because it may simply be that we're picking the cream of the crop, which obviously not everyone can do.
It is worth noting that field techs do have a career path in operations (possibly management) as well as being an ex tech (a field tech assigned to a particular executive). If Alan Eustace's computer stops working his ex tech basically needs to drop everything and get it fixed. Such people not only need to be technically good but they need to exert their (considerable) influence. It's amazing how quickly things can change when it's "for Larry" or "for Alan", etc.
I agree 100% with this statement, but as someone that's lived in IT all of my career, I believe there is one more point: education. The most successful organizations have an executive team that embraces IT as a necessary component of success (rather than evil) and communicates that to the organization. It's the purpose & perception of IT that causes bitterness and wrong expectations in the workplace, on both sides.
Just look at the fact that no one ever calls up IT thanking them for dial tone 364 days in a row without incident, but many will complain incredibly that ONE DAY it occurs for 10 minutes, it's no wonder there is such a disconnect.
While you might be able to link this situation/behavior to any support role, I would respectively disagree. Most support personnel are clearly disconnected from the activity requiring support, but with IT you often are interacting within 0-2 degrees of THE person responsible for your issue. This dramatically changes the dynamic of conversations.
IT people (just like anyone else) want to be appreciated for their work, in part because they typically sacrifice more personal time than any other department due to the nature of their job, without a reflection in compensation.
Assuming the IT staff are competent at their job, once people begin to embrace that department, and not talk to them like Dell tech support, then perhaps the stereotypes will start to change.
Incidentally, the reason that the IT staff may be so pleasant to deal with at Google may have less to do with IT, and more to do with the attitude & intellectual level of the user base.
I think Google is also exceptional because the tech support is for other technical employees. When I went down to a Tech Stop it didn't feel to me like I was "going to see tech support," it felt more like I was going to see another technical employee who happened to do tech support.
Then again, I was only an intern so my time there was limited.
I imagine that being tech-support-for-techies, you also end up with interesting issues, rather than "can you put that link back on my desktop" or "my printer's not working again". No self respecting techie will do tier 1 or tier 2 support if he can help it, but in a tech environment it might actually be interesting.
The skills you need to do IT aren't something you can really learn in school in any way shape or form. These include customer service skills, understanding the needs of a business intimately and learning how real business are run. The people that are passionate about doing IT in that context are far and few between. Since it's seen as a service job, it forces a lot of people into other disciplines after a couple of years behind the helldesk.
Many IT shops also fail at communication. There is a lot that we do behind the scenes and no IT shop i've been at is doing a decent job constantly reminding everyone why they are there. Organisations need to know what improvements IT is working on and how it will better serve their needs, and they need to get excited by it. People get excited when Apple introduces new technology, but they get less excited when suddenly they can log in everywhere with the same password. Market that better.
IT, Operations, DB and Co. will resent you for asking for things when they are already busy putting out fires, fulfilling all your other requests and being the whipping boys and girls of your organisation. Google is a notable exception because their IT department is far better managed than most. Make sure all your technical service departments are tightly aligned with the mission critical things in your org and make sure management is shielding them from requests that get in the way. The more focus the techs have on core things, the faster they get done and suddenly the more spare time they have to help you get your project done on time too. Time management and business planning is key here.
Finally quit this 'for the CEO' or 'for Alan' mentality. If someone's computer fails, it should be replaceable within a couple of hours. This special person who's making a larger salary than you should understand better than any one else, never be dependent on a single point of failure to run a business. This doesn't mean a CEO has to be a tech genius or your star programmer an IT genius. They should just be smart enough to ask their IT department ahead of time 'what do i do when my computer fails?'.
Some excellent points I hadn't mentioned in my reply in this thread. People often forget that keeping things up is a constant battle.
Your opening paragraph says it all though. When developers talk about how difficult programming is, I always explain IT like this:
"Imagine you have N sections of code you have to support that someone else has written. They may/may not be documented, whatever documentation you have may not even be accurate, you can't change the, and somehow they have to work together even though they probably weren't designed to do that. Oh and there's a good chance there's no one to call for integration help, but you're responsible for tactfully explaining this all to executives & end users without ticking them off, even though they'll only call you when it's broken."
It's too bad that the perception around IT's role has only gotten worse now with the cloud.
"You know the 30-60 minute spin-up time it takes to get your head into coding? Well imagine someone interrupting you every 15 minutes to ask you how to insert a table into MS Word (I'm sorry, didn't your fucking CV say you had MS Office experience?). Now imagine how long your replies would remain welcoming and friendly."
Well, I should stress that software is your company core business. In most "normal" businesses it is seen just as an expense.
Companies that give strategical priority to software usually end up having less problems with it. The other companies buy crap (cheap IT personnel, managers that don't understand technology) and only get crap. And we should expect it to get even worse, as outsourcing creeps in.
I think you make some very good points, but I have to disagree rather strongly with this one:
> My general experience with DBAs, sysadmins, techs and the like is that they generally resent you for asking them to do things, making the entire experience unpleasant. I'm not sure if such people are attracted to such positions or such positions end up making such people but whatever the case, "surly" is a commonly appropriate adjective to use.
I've spent 15 years working in a variety of positions in IT, from tech support, to developer, to sysadmin, to supervisor, to architect/design engineer. My experience with DBAs and sysadmins is that they rarely resent you for asking them to do things. However, they may very well resent the way you ask them to do things.
Much of modern society is very me-focused, impatient, and with short attention spans. This goes double for the corporate business world. When many people run into a technical problem, they tend to want an immediate response and an immediate resolution to their problem, expecting everyone else to drop everything and attend to them. Their problem affects them, therefore it is the most important problem around right now.
What they fail to appreciate and understand, is that many DBAs and SysAdmins are supporting systems and infrastructure that has importance much greater than you. Yes, you have a problem, and yes, they want to help you. But they have visibility into things with potentially much greater impact than you, and those things may have a higher priority and importance than your problem.
An example I saw just a few weeks ago. I had a problem that needed attention from a sysadmin. I went to the guy who could fix it, and there was someone already at his desk. I waited outside his cube, and listened to the guy already there bitch at him. Apparently the guy had an application that was having issues, and he couldn't work on his report until the application was fixed. He wanted the sysadmin to drop everything to fix it, and he wasn't happy at being told that the sysadmin was busy with something else, and couldn't help him until it was fixed.
After yelling guy finally left, I ducked my head in and asked him if something was blowing up. He nodded distractedly and said that the server a PostgreSQL database ran on was misbehaving, and that the DB was utilized by an application used by 3 different business units and dozens of people. I offered my sympathy, told him I needed his help, but it could obviously wait until he fixed this problem, and said I'd e-mail him the details.
He thanked me for being understanding (twice), and called me as soon as he'd fixed the server issue to help me out.
> The cliche of the bearded UNIX purist exists for a reason.
I'm afraid you're going to have to explain the reason for this one. The bitchiest guy I know at work is clean shaven, and the nicest guy I know has a full beard. Exactly what reason is there behind your negative beard perception? ;-)
I hate to reinforce stereotypes. But in every Agency I've worked in, most of the IT staff have been under-skilled computer enthusiasts with inflated self worth. This in my opinion is what creates a schism. Many IT staff sell themselves as being much more knowledgeable than they actually are. So when presented with a problem that goes over their head they tend to get defensive and shitty.
I've found the nicer the IT staff, the more knowledgeable they tend to be.
You can test my theory for yourself. If you have a cranky IT staff member, ask him/her to help you with a problem you know they can fix. Note their tone. Then ask them to help you with a problem that goes beyond their skill level. Note their tone.
I've noticed IT people will often try to bluff their way through problems with some technobabblely bs. (Probably because they're trying to maintain the image of the "know it all".) If you ever hear "I'm not sure, I'll have to look into it.", you probably have a good IT guy.
I think what you will usually see as you work your way through the different layers of IT, is that IT workers on the lower rungs, especially help desk, have to deal with all of the irritating IT requests. The guys towards the top usually don't have to deal with end users, because whatever comes to them is filtered on the lower levels. I'm not saying that there aren't incompetent IT workers, just that you should realize that a lot of IT requests are mind-numbingly stupid.
There are terrible IT people out there, that's for sure. Many don't go beyond the knowledge of someone from the Geek Squad. But then again, that goes for every profession.
Many times the nicest IT staff are those that are the most clueless and have to make up for their lack of knowledge with personality. The cranky IT people generally have too much to do, not enough time to do it, and are stuck dealing with trivial issues that stop them from getting to the critical ones their jobs (or the company's uptime) depend on.
I think your experience has been very unique (and fortunate) to come to the nice = smart conclusion.
Technical skill isn't that important for front line staff. Most IT shops will have a bunch of $10/hr types handling "how do I fix this excel formula?" questions. And they have a phone number for the big guns when they need it. Please don't interrogate people who probably know they are relatively unskilled. It's like talking about weightloss to someone who already knows they are fat.
The $150/hr techs you will rarely see are super nice, and would absolutely love a problem they haven't seen before. Your best bet is to try and shorten the path to them.
"The $150/hr techs you will rarely see are super nice, and would absolutely love a problem they haven't seen before" This is kind of what I was trying to get at. The guys who know their shit, relish a challenge.
You have a point there, as long as you define a challenge as teaching someone to remember their own password. Or maybe explaining to people that they should put a customer's ID into the ID field (as opposed to the surname, address or date of birth fields). Or is the challenge explaining to the same people the exact same things for the 20th time, without screaming maniacally?
I feel like ranting - maybe this will generate a good discussion.
Most of my experiences with IT have been fine. I worked at a Texas state agency once, though, that caused me to dream about throwing IT workers out my office window.
For starters, I was not allowed to use my own equipment. They rattled off some gibberish about security and support even though my mail client supports SMTP and I can read Office files just fine. Also, for an agency focused on security their insistence on using Windows XP was baffling.
Secondly, I was told I could only use a certain browser because of another incoherent argument relying on "security." Interestingly, nothing was done to keep me from putting a pocket version of Firefox on a flash drive and connect to my own secure proxy. This is because the IT guys had no idea such wizardry was even possible.
Thirdly, for some reason print jobs were routed out of the office to a data center in San Angelo and then routed back to the printer down the hall. Printing a single page was non-deterministic and painful, never mind my final reports. This was a result of some state mandate about consolidating IT.
And then there was the time I tried to install Notepad++ to do some minor dev work (they hired a CS undergrad to do financial work so I thought I'd do more than estimate results). 2 weeks later I was approved to use a similar text editor on the grounds that I already have a task bar to manage multiple documents - a tab bar is completely unnecessary and Notepad++ requires further scrutiny. 3 weeks later I had a Perl interpreter.
At my current job they forced me to let them change the root password on my issued machine to something they knew and I didn't. I get why you do this: because you cannot fully trust people and I dealt with sensitive data; fine. Afterward I re-installed my OS and set my root password back. I don't understand why they don't think these things through.
1. Equipment deployed and supported by the organization most likely has additional applications for encryption, can be managed remotely and updated on a regular basis. It is far more secure, and costs less to the organization as a whole.
2. I doubt it was for security. Most likely they don't have the resources to support multiple browsers/versions for business applications and settled on a single one. It sounds like the "failure" to block USB devices is more for user convenience. Blocking USB devices, while much more secure, is extremely difficult to justify nowadays.
3. Sounds like a State issue, not an IT issue. It is probably as much of a pain in the ass to them as it is to you.
4. Such a minor issue probably sat in a queue as other higher priority items were being dealt with. Approving a text-editor for a single user does not usually end-up on the plate of the CIO for consideration.
I'm not trying to defend all IT policies and practices. Some of them are less justifiable then others, and some are outright stupid, but a mantra I repeat over and over is that:
"Given unlimited time and budget, anything is possible. Anything else is compromise."
You are a "super-user". Recognize that you are not the majority in a large organization and limited resources are, by necessity, focused on the largest impact. Often, these priorities are not even determined by the IT organization and staff and left in the hands of committees, meetings and third-party vendors/consultants.
It is not ideal. It is a pain in the ass. There is a lot of room for improvement.
Oh, I know. That's why I was hoping I could just convince them to take my SS card or something in exchange for handing me the keys to my own machine.
Needless to say, it didn't work. I did, however, make friends with the IT guy assigned to me who was hired the same day I was (same orientation). He sympathized :)
I was a sysadmin for a financial services firm, and then for a Big-4 accounting firm, so I may have some perspective:
1. "For starters, I was not allowed to use my own equipment. They rattled off some gibberish about security and support even though my mail client supports SMTP and I can read Office files just fine. Also, for an agency focused on security their insistence on using Windows XP was baffling."
The first rule of System Administration [0] is to start every host in a known state. The reason for this is predictability - as the sysadmin, you know what to expect - certain software is installed, certain settings are configured, etc. You simply CANNOT manage systems at scale without this approach. Without it, testing, upgrades etc. are a shots in the dark.
Another issue is ownership. Let's say you get company email on your personal BlackBerry. You're mugged, and the device is stolen. A competent administrator will immediately issue a WIPE command from the BlackBerry Enterprise Server, so that all data is erased. But wait! Those picture of your daughter's recital were on the phone. They're gone, and you're gonna be pissed. With a company-owned device, the expectations are different.
A friend of mine once had to re-image the laptop of a senior executive. Turns out, the only pictures of her daughter's high-school graduation were on it. A year later, he's still having to feed her stories about ongoing efforts to retrieve the data...
Regarding Windows XP, OS upgrades are not to be done lightly. It requires very extensive regression testing for all Line-of-Business apps. Believe me, there isn't an IT guy there who doesn't want the upgrade to Win 7, but after a time in this business, you learn to tread carefully, as information systems can break in all sorts of subtle ways and management doesn't want to hear it.
2. "Secondly, I was told I could only use a certain browser because of another incoherent argument relying on "security." Interestingly, nothing was done to keep me from putting a pocket version of Firefox on a flash drive and connect to my own secure proxy. This is because the IT guys had no idea such wizardry was even possible."
Again, standards. When their enterprise web-based ERP system that's been tested in IE6 and works fine breaks when you're using Chrome 15.0.874.121 m, who's gonna get the call? Oh that's right. IT. Multiply that by a few hundred machines, and your network is unmanageable.
There exists technology to control USB drives, but in most organizations, it won't fly - they're simply too convenient. Besides, how do you expect the VP of Sales to load his iPod? Definitely shame on your IT guys for not blocking outbound connections to your own proxy at the firewall.
3. "Thirdly, for some reason print jobs were routed out of the office to a data center in San Angelo and then routed back to the printer down the hall. Printing a single page was non-deterministic and painful, never mind my final reports. This was a result of some state mandate about consolidating IT."
This sounds like the state's fault. They were probably sold a solution that promised centralized tracking / routing of print jobs, based on parameters such as job submitter, color vs monochrome, time of day, printer availability etc. Not IT's fault.
4. "And then there was the time I tried to install Notepad++ to do some minor dev work (they hired a CS undergrad to do financial work so I thought I'd do more than estimate results). 2 weeks later I was approved to use a similar text editor on the grounds that I already have a task bar to manage multiple documents - a tab bar is completely unnecessary and Notepad++ requires further scrutiny. 3 weeks later I had a Perl interpreter."
I was a sysadmin, and I had to get written and signed approval from my Manager, the Security Manager and the CIO to install any non-standard application. Pleasant? No. Necessary? Yes - everything needs to documented; otherwise these things spiral out of control quickly.
5. "At my current job they forced me to let them change the root password on my issued machine to something they knew and I didn't. I get why you do this: because you cannot fully trust people and I dealt with sensitive data; fine. Afterward I re-installed my OS and set my root password back. I don't understand why they don't think these things through."
Don't take this personally, but sysadmins hate people like you - you make unauthorized changes and make our lives difficult. Your IT guys sound incompetent though - why weren't BIOS passwords in place to prevent booting from CD? And since you say root password, sounds like you were in a UNIX / Linux shop. If you were in an AD environment, after reinstalling, you wouldn't have been able to join your computer to the domain without domain administrator credentials.
I understand that the situation sucks, but there are good (at least for a particular meaning of good) reasons why it is so. There is room for improvement on both sides.
Whew. Felt good to get all that off my chest. No hard feelings?
[0] Tom Limoncelli - The Practice of System & Network Administration.
No. I'm going to have monitoring software installed on every piece of computer equipment in the office and run daily reports on installed software. The second I come across something not on "the list" I'm going to pull the network cable for you cube out of the switch and then confiscate your equipment. Have fun explaining any missed deadlines to whoever you report to.
This attitude might be ok for managing the average office worker's machine but when it comes to jobs like programming that are not highly regimented, it's just not good enough. Get out of my way and let me do my job. I'm glad I'm at a company that lets us do whatever we want to our machines (we use a VM for the few things that require IE).
As someone that programs as well, giving admin access to programmers generally makes sense. In a perfect world however, I'd rather give you your own sandbox to mess up and not your desktop so that when the next wave of patches get pushed out, I don't have to worry about your box not being like everyone else's because you altered the 'expected' state of the desktop the patches / configs were designed for.
Sans perfect world, as long as set ground rules are in place, any reasonable IT person should be ok with this request.
I'm also a programmer, and agree completely - I think devs should have admin rights on their boxes, and at the very least access to VMs for testing
Ultimately, it's an issue of trade-offs: I guarantee that since you're allowed to go wild on your machine, the IT cost to support devs is higher. It's not right or wrong, simply a matter of trade-offs. It's up to an individual organization to determine an acceptable trade-off.
I think devs should have admin rights on their boxes
I no longer support dev desktops, but I do admin the systems they use - servers, databases.
I'm cool with what you say in principle. If we're talking your own desktop, sure, no problem. As long as you're responsible for cleaning up your own mess.
But root on 'my' dev servers - no way, Jose. Those guys don't know unix, don't know what they're doing with root. They get shell accounts, they can do what they need to do.
Maybe it's the way we're setup. Typically 'the' box they're using is shared with other devs and applications. One fubared 'rm' as root and they've taken down great chunks of our development environment.
Even large corps give their programmers admin on their own computers. No average or above programmer would work for a company where they had to request permission to install a text editor. That's simply unacceptable.
I think you would find that to be simply not true depending on the nature of the organization. Work for the government, or any security conscious organization, and you'll see how little control you have (for good reason).
It sounds like if you'd been my IT guy at the state agency, I'd have had a much better time - simply because I would have had intelligent arguments :) The reason the printers were like this is some initiative by our dumbass Governor called "Team for Texas," I'm told. It's not my IT guy's fault but it is dumb IT policy which is definitely why IT people get bad reps (even if it's not their fault) which I think is related to the article.
I know the internal web app argument for IE6 but all of the apps were native Java apps on top of Oracle databases.
I can't imagine it would take more than a cursory look at Notepad++ to vet it.
My main point here was that the IT guys were clearly not trained or knowledgeable. My mother works for this same agency and she has a lot of stress because of their inflexible and archaic policies. If they're going to make her life hell in the name of "security" then I expect them to actually provide security.
As far as my current job, we're expected to maintain our own machines because if we had to file a request for every shared library we need, nothing would get done. So, we're trusted with maintaining our own systems but they bothered getting our root passwords. And then continuing to trust us. It's confusing.
"I can't imagine it would take more than a cursory look at Notepad++ to vet it."
This, right here, is the issue. You simply don't know what is involved. "I can't imagine why you need to draw blood to see if I have AIDS, Doctor"
The specific program is not the issue. IT in the enterprise is all about centralized/standardized management and configuration. Every deviation from the standard is gonna increase the burden of maintenance.
How it normally works is that there is a single base OS / apps specification, and defined optional applications. EVERYTHING is tested against these, and guaranteed to work. This allows deployment against a global fleet to go smoothly. It's all about known quantities, which allows them to quantify everything.
Please remember that no IT guy wakes up in the morning and says "Yay! How can I make gatlin's life suck today???" It's more like, "Oh shit, last months patches are not being installed on those PCs in accounting. I wonder if it's the SCCM [0] client?" You find out 8 hours later that there's a conflict between $NON-STANDARD APPLICATION and the SCCM client. Have fun scouring Technet and forums to find a solution. These are the things that fill us with dread.
I'm not saying it's right. Just want you to see the other side.
[0]- Microsoft System Center Configuration Manager
Thanks. Believe me, the practices you see preached on HN (which I personally agree with) are so far removed from the typical enterprise it's not even funny. Agile programming? Um, no - waterfall. Continuous deployment? Are you crazy?
But please remember that there are sometimes very good reasons for the bureaucracy. Do you want your bank doing continuous deployment? Pushing code to the production instance during normal hours? Do you want the NYSE to do this? It's fine when you're doing your precious little webapp (I'm doing them too, so I'm not disparaging!), but when you're talking systems that power billions of dollars of revenue, you make sure all the 'i's are dotted.
Hell, I was in a Scotiabank the other day. The PC was running XP.
It seems like a lot of your dislike of the IT department is a redirected dislike of these policies enforced by IT.
In most law firms, government, and big finance you will likely encounter a lot of these sort of policies. Some of these policies make sense, even though the reasoning is not obvious. The policies are created because of constraints around laws and auditing and they can result in some nasty solutions. Other policies probably just don't make any sense, but that is just life.
Making IT's life hard by trying to get around the policies likely doesn't really help anyone -- it is just being an ass. Assuming a policy doesn't make sense because you can't see the reason for it is arrogant - even if you are right 95% of the time. Same goes for assuming you could come up with a better solution without knowing the constraints the IT department faces.
The solution for programmers that hate this sort of thing seems straight forward -- don't work in these sorts of businesses -- develop your chops so you can land a job in a hot startup (or a business that has that atmosphere) where you get the best gear and can do whatever you want. Or maybe start your own business or freelance. Until you get there, don't take out your frustrations on your coworkers by trying to bypass them -- that is just childish.
For people in IT, they should be aware if they are not in a business that requires these sort of frustrating policies, they should not be trying to implement them unless they really have to. Those are the IT guys people have the right to dislike. They try to turn a small fun start up into some sort of draconian government institution because of some personal insecurities or they think that is just how it is done.
In short, be aware of the sort of industry you working in, or might work in, and what to expect there.
Getting around the policies just to get around the policies makes you an ass, I agree. Getting around the policies to do your job, on the other hand, does not.
I worked at a firm where I was asked by a VP to perform some testing on a VM. The VP wanted the test results by the end of the week. IT said that it would take at least three weeks to approve the specific VM software for my machine, even though there were other developers already using the software. End result? I ended up installing it and doing my job without IT's permission. I had made sure to get everything in writing from the executive, so I could show IT my reasoning if I was ever called out for it. I'm not proud of what I did, but I don't think I should have to ask permission in order to do my job.
That's actually very similar to my situation, and I sympathize.
I was told verbally that I could use IIS, Access, and Perl (I didn't know it at the time) to whip up my project. And then inexplicably a number of Perl tutorials were flagged by the agency firewall at the time. Also, I tend to read sites like this one in case something useful comes up - and of course, these kinds of sites are blocked.
I illicitly installed IIS, Access, and Perl while waiting for approval and the day the guy came in to install I faked some meeting so he'd come back in 20 minutes, uninstalled everything, and then let him install things.
But that's not as funny to me as the original telling.
I didn't elaborate my original story for brevity. Their firewall inexplicably blocked some technical articles I was trying to read for my job. So Firefox through my own proxy was the only way.
Also, I reported all these tricks when I left. I hope they read my emails.
As for seizing root on my current machine - okay, you got me.
If any of my "users" where to pull any of the bullshit stunts you've listed here on my watch I guarantee you I'd have them fired within five business days if it meant I had to send spoofed mail from their address containing horse porn to the head of HR to pull it off.
In a medium to large company, IT's job isn't to make you happy. This is typically impossible thanks to a combination of understaffing and budget issues. Their job isn't to debate you on software choices or provide coherent explanations of corporate IT policy. It isn't even keep you productive. It's to make sure the cube dwelling luddites (and if you aren't in IT you are one, regardless of how much you know about computers) don't break critical infrastructure.
Spend 32 hours over a weekend quarantining and disinfecting an entire network because some dickhead decided he needed to bring in his malware-infected laptop to work and the standard company policy banning private equipment comes into focus pretty quickly.
You're being downvoted because of the 'spoofed email' line, but I understand where you're coming from.
"Spend 32 hours over a weekend quarantining and disinfecting an entire network because some dickhead decided he needed to bring in his malware-infected laptop to work and the standard company policy banning private equipment comes into focus pretty quickly."
Bet it was unpaid overtime too, wasn't it?
Take one instance I've seen: group of guys decide that they want wireless access on their floor. One brings his home WiFi router, and plugs it right in. So now anyone walking by with cursory knowledge of WiFi hacking could get all our data.
Just because they wanted Youtube on their BlackBerries.
> I'd have them fired within five business days if it meant I had to send spoofed mail from their address containing horse porn to the head of HR to pull it off
At least you're creative when you put ethics in the back seat.
In my experience, thats what distinguishes between good and bad IT departments. Companies which looked at IT as a cost center tended to have bad IT service, where as those who viewed it as a value-added service had good IT service.
I use to do IT consulting and bounced in and out of dozens of companies. Some had no IT support, others had us augment their IT team. The best IT department was at a company where there was about one IT worker for every three employees. A ratio typically unheard of, this company spent greatly on IT as everything had to run smoothly. IT was at an employees desk within a minute if any trouble arouse. They were very profitable of course.
The worst companies spent as little as they could on IT. One literally asked me if I could setup their Windows NT 4 box because their Windows 2000 Server was having issues. This was only a few years ago, and they didn't want to buy a new Win 2008 box. Eventually they did, but it was months of pain and plenty of downtime before it happened. Everything else in the company smelled of cheapness too, all in a bad way; Penny wise, dollar foolish.
Also, if the IT-to-employee ratio is really low, like 1 per 200 employees, and systems aren't locked-down super tight, IT HelpDesk can constantly be in a position of stress with more requests than it can handle. This is typically the reason for long delays.
It's like any service center, really. If you want good service, you have to pay for it. Call up Apple's tech support, and then call up Lenovo's. Both do the same thing. But one is really really good, and the other terrible. Guess who views their tech support as a cost center and who doesn't? (Hint: You can tell if you don't see a tech support phone number on the front of their tech support webpage.)
Easier said than done. Most upper management will always see it as a support for the company like HR. I don't think that will ever change in the future.
Moral of the story. Don't work at an IT department, work at software companies.
I've been in both sides (software and non-software) and agree. In software companies the IT department is better for simple reasons: they are more valued, their costumers demand more competence from them and people do less stupid things in general.
Yes. Corollary: if you (must) work at a company that has an "IT" department, try to find out where the programmers on the profit center (the "business") side work. Odds are, their jobs are way more interesting and pay way better.
No, the way around it is to work with computers in a company that need computers. i.e. If you want to work in software or with computers, then work at a software company, not a $GENERIC company that has a software/IT side.
The one thing the article didn't touch on, one that I feel is the biggest problem larger companies face, has to do with the constant cycling of the tier 1 and 2 support staffs. You have 3 different types of people that work in the lower tiers. The first being the hard working, knowledgable, and often fresh out of college/training people who are only going to be there for a few months before their potential is realized and they're snatched up by another deparment or (even worse) another company. The second group would be the ones who are good enough to keep their job; they show up, know enough to not fall on their face every day, but otherwise are not going to move up the ladder. The third group are the ones that simply can't hack it and are fired or quit after a few months, or sometimes years if they can fly under the radar often enough.
This leaves the teir 1 and 2 support staffs in a crappy condition. The only people worth keeping are the ones jumping at the first chance to get out of the 'helpdesk' role. So the IT deparment is left with their only real interface to the rest of the company being comprised of (often) barely adequate people. An individual's experience when contacting the IT department litteraly depends on who answers the phone; will it be a person from the first, second, or third group as mentioned above?
Hopefully the trend will change in the future, but it's probably going to require higher pay while allowing those people to also do more advanced things to keep them challenged/happy (that still may not be enough, because to be honest we don't like dealing with the regular day to day helpdesk-style problems anymore than anyone else in the company likes having them). Large companies are just too compartmentalized to do that, so we may all be doomed :(
A lot of my problems with IT departments would be solved if the IT folks recognized that people with degrees in computer engineering and computer science tend to be able to take care of their own machines.
Also, if they would quit telling me that I can't run VLC because it's not secure, when they have 3 year old versions of the Java Runtime Environment installed on everyone's PC.
"A lot of my problems with IT departments would be solved if the IT folks recognized that people with degrees in computer engineering and computer science tend to be able to take care of their own machines"
But that's not true. I work as a developer or an admin depending on my mood and the money, I would not consider one able to do the job of the other even though I have done each with the same degree in hand.
The discipline of designing stable, maintainable systems & networks or writing code to requirements precisely and accessibly are distinct and often wildly different. Little of it comes with your degree.
That said, my current gig is quite good in that regard: "We support A, B and C. If you want to use X and Z you're on your own. Here are the guidelines on security and patching."
I don't doubt that the skills that make a good system admin are distinct from those that make a good engineer.
I do doubt that the people making and enforcing IT policies that, e.g. lead to insecure versions of Java being installed on thousands of machines, are more capable than I am at managing the machine I need to use.
It's not only a question of skills, it's a question of knowledge.
I am a good developer, but I don't have the slightest clue about e.g. ActiveDirectory. The IT department in my company is nothing spectacular, but when it comes to the kind of issues that I know nothing about, I am glad they have set policies that I just need to follow unthinkingly.
CS/CE offer no discernable value to the IT scene, unfortunately. Define 'take care'. Not install spyware knowingly? Ok great. How about making sure that software you install don't conflict with regular updates that are made to all systems every month? Or what about making sure that you're not introducing problems in the areas of authentication or monitoring, by changing specific settings or services that are running for a purpose. Unless you have ever worked in IT, you likely have very little knowledge on the havoc you could cause for seemingly simple changes.
As for JRE vs. VLC, how do you JRE's status isn't simply a false negative? How many applications in your organization actually utilize the JRE? Is it a non-issue? Are you aware if there are any measures already taken to mitigate known JRE exploits? There is quite a large difference between exploits that exist in an environment vs. those that exist in an application that you actively execute.
Granted I'm not defending the specifics, I personally think VLC is likely fine. But that doesn't change the points made above. In IT, it's always better to go with the devil you know, than the devil you don't.
"Better to go with the devil you know, than the devil you don't." The devil you know. Better for you. Meanwhile I get sabotaged from doing my job well. And my job impacts the bottom line more than yours.
That couldn't be further from the truth. If I make mistakes, websites, phone systems, <insert service name here> become inaccessible for an unknown duration. That's best case. Worst case, data loss. Depending on the nature of the outage, it could ruin the company.
Try selling to a potential customer when their email domain continues to get bounced, or their voice mails never reach you and you'll find out very quickly who has a greater impact on the organization.
the simplest reason that everybody hates the IT department is because there's such a huge competency disparity. during the average workday, the people you interact with during the course of your duties will be roughly at the same competency level as you, and you can talk to each other as roughly equals even across vastly different fields. The IT guy, however, could be at the complete opposite end of the spectrum (either way). if you're some low-level cubicle drone and you're calling the IT guy in charge of the ~100 computer network covering your floor, chances are he'll be the smartest person you talk to all week. he resents you (for good reason) when you call him up to ask how to save a file, the sentiment comes through and creates bad feelings. if the smart guy running the network has managed to scrape together a bit of budget and hire somebody to handle his front line support stuff so he can get some real work done, it's also possible that the guy who answers your support call will be the dumbest person you meet all week. either way, it makes for a bad experience.
Disagreed, IT should not be given a pass to resent people just because they don't understand and have as much time and training with computers. Nor do I agree that the IT person will be the smartest person in the room. Everyone has their own set of skills that they are good at. Put the IT guy in sales, if he fails miserably what good are his technical smarts?
If it's the role of the IT department to support users, they should be helpful and courteous, no matter how "stupid" they think of the request. Should I ever have an IT worker who has the stereotypical "better than you attitude", he will be gone in a second.
It's not about time or training, it's about basic problem solving skills and intelligence. A shocking number of people really are complete idiots. I'm not just talking about not being good with computers. Everybody doesnt have their own set of skills, some people really are good at nothing.
There's a rule that applies to pretty much anyone in any organization in any industry: if you don't really know what you're talking about, you shouldn't do much of the talking. This applies to both sides of any conversation.
If IT will listen to and understand customers, and if customers do the same when looking at IT, then things go well.
But IT is the type of job where "the same" job description can exist at companies that do radically different things. You may hire IT people that have no background whatsoever in your company's specific area. It is imperative that IT new hires be people who are willing and able to learn a lot.
In my experience the "hate" for IT comes only when dealing with people that have no interest in what you actually need: people who are convinced their policy or "solution" is brilliant.
The best IT staff don't spend their time bitching about idiot operators in their companies. They give them the tools to empower them to do their jobs. This comes down to management. If your management sees IT as merely a cost center, then you're probably going to get shitty IT. If they see it as an efficiency center, you're going to attract better IT. Any manager worth their salt understands that a one-size-fits-all IT strategy is probably stupid. It's not about creating efficiency for the IT department, it's about creating efficiency for the profit-generating arms of the company.
But then again, I work at a company that allows the programming team to have their own network, buy their own machines and do whatever they feel like with them (within certain bounds, of course, like PCI compliance).
There are a ton of things that could be said on this topic. But one basic issue is that most IT departments are built from the ground up on diametrically opposed goals. The first being to equip the company with the tools it needs to function. And the second being to avoid any change with undue risk or opportunity for abuse.
Typically IT managers' self-interest calls for a focus on the second goal. So upper management must create incentives that reward a focus on the first goal and diminish the consequences to IT when something goes amok.
For situations where risk management is more critical, a separate department that can share its message and enforce policies across all departments can help reduce conflicts and allay suspicions of IT having unhelpful motives.
That is because IT in many companies IT is a not-innovating, ticket handling entity.
I've certainly seen my share of it.
You file tickets for everything, there is no "thinking" from IT's side, they just do what they are told. This effect seems to be proportional to the IT departments size.
Often this is also a result of misguided policies. I worked at places where IT was explicitly barred from hiring programmers that could help automating the processes.
First off, any department is ONLY as good as it's management. Don't like IT, don't blame the worker, blame the manager. Second, most users have an IQ somewhere between a pet rock and a retarded monkey. Even a Special Ed teacher loses there patience after explaining the same thing over and over and over and over again. Third, IT is NOT your personal Slave - Learn how to operate your own damn computer. Forth, IT and Helpdesk are TWO different skill sets, don't hate IT because you have problems with the Helpdesk. Fifth, most places underfund IT, then bitch when things don't work out. Sixth if IT is so damn bad, fire the lot and see how long your company stays afloat - IT keeps everything except the stupid users working perfectly, but the one thing they don't control (i.e. the users) is the one thing that causes 90% of the problems
No, I'm not in IT (I'm a Scientist, not an Engineer), but I've observed plenty of people bitch about IT when most times the fault is strictly their own.
Although there are some insanities with the IT situation at work, I have to say that I'm pretty pleased with one aspect: You can install your own OS, have admin, install whatever software you want, just fill out the appropriate exception form online. They just won't support it--and for computer scientists and computer engineers like the people in my group, that's perfect. Other groups, with other types of scientists or support staff, get a corporate image.
Now, there's some insanity with our network from time to time, but I deleted the big rant I wrote in favor of keeping the post positive about my employer.
If you undervalue your IT department, you won't be able to get good people to stay. If good people won't stay, you end up with the bad ones--their solution is always to reboot or reformat, they don't know how to actually make reasonable changes to the environment so they just maintain the status quo. There's no IE9 upgrade plan at all, because they already know how to support IE6 and aren't willing to even look at IE9. Now everyone else hates the IT department, and if any good IT employee shows up, he's either going to run screaming from the interview, or stick it out for a few months before realizing all of his co-workers are idiots.
> just fill out the appropriate exception form online.
Do you also have to agree to pay the fines / go to court / appear in news when anything serious goes wrong?
RSA (pretty much the definition of a clueful security company) got hacked because someone opened a malicious email attachment. Imagine how much harder that is to prevent when people are using a bunch of different softwares.
The people who do not work at IT usually think that we don't do anything, or chatting away all day. Because we are always writing stuff on keyboard whenever they came. We CAN'T be working all that time so we are "chatting"
When they call for their problems while we try our best to help them in a nice fashion but because we don't personally go there and meddle with their computers we become the bad guy.
I think charlie stross's analogy of the IT department with the secret services is correct: when things go correct nobody notices us and when they don't we are the first to be called and blamed for. And has to spend nights to fix it whether it is an user fault or not. What we do is quite black ops to those outside of it, because they are on the end result: their internet connection/software/hardware is working or not.
As an IT guy, I have several projects that has to be finished by xmas and I don't have time to hold hands and/or cry why they are hating us, if they are.
Because IT is viewed as a department that is staffed by sub-par engineers, and a discipline that is less demanding than, say, software development. This then feeds into hiring standards and compensation levels and voila it becomes a self-fulfilling prophecy.
An idea I once had to improve morale within the R&D group was to have some sort of semi-regular contest within the group where the winner would get to fire one IT guy of their choice.
Pull network cable? Pfthah! We disable the port at the switch...
SW1(config)#int Fa0/1
SW1(config-if)#shutdown
1w4d: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down
1w4d: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1 changed state to down
They use upgrading to IE9 as an example. However, many companies are still running IE6 and IE7. Windows XP was replaced in 2006 and it's still pervasive on corporate desktops. 16GB of RAM is $100 and it's useless in the average corporate desktop.
Sorry, but I think corporate IT departments just try to grow large and be as risk averse as possible.
Growing large and risk averse is what all bureaucratic organizations do.
Using IE6 as an example, in my case at least, for that isn't accurate.
In 2002 I installed a brand-new shiny system to replace our then paper-bound order system. Required IE6.
Fast-forward to 2011 - the version I installed is still in use. IE and Firefox latest work 'ok' for the client, but the administrators must maintain a copy of IE6 [1] for their functions. [2]
We didn't upgrade in 2004 because the costs were prohibitive. We dropped support in 2006 because the cost to support our obsolete version went through the roof, and we were going to implement those functions in JDE 'real soon'.
I stopped supporting the system in 2007, and it went to another team, but we're still using the thing, same version, in 2011. IE6 is still required, of course, for the admin stuff.
All of the decisions that force a handful of people to use IE6 were made above the IT level.
In this case, at least, ain't us man.
[1] Or Safari with UA set to IE 7.
[2] It's a shiny pop-up java thing that looked real slick back in 2001.
I tell you a secret: Everyone hates every department beside from his own. It's kind of normal, because different departments rely on each other, but don't really know or care about the problems of the other departments.
Well, no organization should complain too loud if it is not valueing the IT department as much as it does its profit centers. The situation in the most companies is that IT is trimmed as cheap as possible, so what do people expect to happen??
Also, for some reason, IT departments seem to get or develop goals that are not aligned with the business. In my current place, IT is actually actively working to make the life of R&D departments harder. It's not even the question how to create a secure environment in which people can still do more than Office and Email.
1. Anyone who is sufficiently skilled to be good at his or her job in the IT department is almost certainly overqualified so the system self-selects out good people; and
2. Like any other support role people only tend to notice you when things go wrong; and
3. My general experience with DBAs, sysadmins, techs and the like is that they generally resent you for asking them to do things, making the entire experience unpleasant. I'm not sure if such people are attracted to such positions or such positions end up making such people but whatever the case, "surly" is a commonly appropriate adjective to use. The cliche of the bearded UNIX purist exists for a reason.
At Google, I've generally been very impressed with our support people, both the field techs and the SREs. I would hesitate at calling Google's recipe a success for running IT because it may simply be that we're picking the cream of the crop, which obviously not everyone can do.
It is worth noting that field techs do have a career path in operations (possibly management) as well as being an ex tech (a field tech assigned to a particular executive). If Alan Eustace's computer stops working his ex tech basically needs to drop everything and get it fixed. Such people not only need to be technically good but they need to exert their (considerable) influence. It's amazing how quickly things can change when it's "for Larry" or "for Alan", etc.