Enterprise IT has been changing, or evolving if you like. The challenges of IT have grown more complex, spending habits are in flux, and technology adoption patterns are shifting. There are some key forces driving the changes in enterprise IT, but let's take a quick look at the increasing complexity of enterprise IT.
A long time ago (meaning, a few years back), the IT department had only to combat rogue deployments of desktop software in business departments, such as Microsoft Access and Microsoft Excel spreadsheets, the latter of which could often have more business logic than most of today's Web 2.0 applications. Now, however, companies have a plethora of insurgent server-based applications that are proliferating both inside the firewall and outside in the "cloud."
Who's deploying and feeding these guerrilla applications (often of dubious engineering quality and even more questionable security)? It's the users in the business departments [gasps of horror] who are installing and driving adoption independent of IT sanction and governance. The business users are taking matters into their own hands in an effort to improve their productivity and remain competitive. They're turning to easy-to-use and flexible tools like wikis, blogs, lightweight content-management systems, social bookmarking tools, and others that are often grouped under the category of Enterprise 2.0.
Server-based software applications are considerably more complex than desktop software. Server software has a great diversity of components that have to be kept up to date and/or create security risks. Moreover, server-based software is designed to be open for other systems and users to connect to remotely. Therefore, server-based applications create a raft of potential issues beyond those associated with desktop software.
An ever growing number of insurgent, server-based applications are popping up all over the enterprise intranet. Not only is security an issue, but, because business users are increasingly circumventing IT, corporate data is seeping out of the company intranet and into unknown data silos. This tendency is being fueled foremost by the business users' needs; however, also affecting the trend is the growing number of free online applications and open-source tools that are relatively easy to install. Finally, virtualization, which makes installing complex server software a snap, is playing an active role in the "insurgency."
The solution for IT used to be to push back, consolidate, and lock down. This option doesn't exist any longer. Now business users are more capable of deploying software or can simply take their technology needs to the cloud with SaaS offerings. The savvy IT department's only real choice is to embrace, standardize, and federate. In doing so, there are some key factors for the IT professional to consider.
Open systems: Make sure applications you're standardizing on aren't going to create vendor or data lock-in.
Standards: The apps you standardize on must be storing data in a reusable format. Stay away from anything that's storing in plain-text or non-standard formats (wikitext, etc.).
Platforms: Make certain all your standard apps have robust APIs. If not, you'll be kicking yourself later as you begin federating these end points and making these disparate systems talk.
The savvy IT professional has more tools available than ever for fulfilling the needs of the business users. Indeed IT, with the right tools, can be a real hero to the business units by selecting the right tools and delivering these in a secure manner. This is especially true if the new tools are delivered in conjunction with data from legacy systems that the business units have never been able to easily get at. There's a wealth of free (or low cost) and open-source software out there for IT to evaluate. In coming posts I'll chat with you about the pros and cons of utilizing some of these tools in the corporate IT environment.
This blog is part of Internet Evolution’s IT Clan, which addresses the ways the Internet continues to impact enterprise networks, applications, and management. Register here to join the IT Clan’s conversation, and you just might win something unspeakably cool.
If it wasn't already implied or stated, I'd add that circumvention often occurs because IT support is simply...sluggish (as dlavie alluded to) and more so, there seems to be a real lack of teeth from the I.T. managers in dealing with the circumventers. Corporate I.T. staffs are being stretched so thin these days with budgetary constraints, lack of enough experienced staff and proper training for less experienced people, but are expected to provide the same amount of support that they did 5-10 years ago with lighter products and are expected to know what all the new technology is & how it works. Folly. At the same time more and more new (some of which are bloated, complex, time consuming) technology, hardware & software products are appearing on the market (test labs, training? Ha, yea right. That costs $). Add in the rogue managers/business units within the organization that want to be on the “cutting technological edge” – all of which fuels the daily challenges for I.T. support to grasp, understand and control and all the things that are out there (vroom vroom…what the heck was that? Oh that was the new coolio software app thingy which runs wired/wireless on your Windows/MAC/Linux/PDA machine that was bundled in with that program; you read that article/whitepaper/Security bulletin…right? Oh, yea, by the way we support that now.). Then of course there's the engineer dept that installs their own NT 4 Server for their legacy electrical engineering app, wide open WiFi AP's, then they'll throw a DHCP enabled router out on the corporate LAN, install Office 2007 (when they KNOW the company std is 2000 or '03, because I.T. management does not want to spend time or $ reviewing & testing Office 2007 and Sharepoint), Open Office etc; or hook their new networked printer into the LAN and THEN call me - hey can ya set this up for me? Kyocera? Sorry, we're an HP shop...and, I didn't see a Request for Install form. Infuriating Technology (I.T.) can truly be a monster and limiting staff and R&D doesn't help.
IT in a lot of organizations has become a roadblock to productivity. In the Dilbert comic strip you have Mordac the preventer of Information Services as it's patron saint.
I fully agree with standards and security but at some point you have to let the users have their needed applications or equipment.
I watched my wife go nuts with her IS dept over a new keyboard, purchasing wouldn't order it until IS approved it. I finally went out and bought her the one she wanted and installed it for her. No drivers, no software. I'm sure her company wasted more than the $20 I spent for it by holding her up.
So while there are the sories of the rougue users there are probably an equal amount of stories about the "evil empire of IT"
There is obviously nothing that can be done to stop end users from taking advantage of the "easy-to-use and flexible tools" even if they risck to deplease the corporate IT staff. Back to 2004 a study was conducted in the UK to find out how and why Workplace IM Users Seek to Bypass IT Control. The study revealed that "since it's easy to install, IM can be up-and-running without administrators' knowledge; and because it uses open firewall ports -- including the commonly unsecured port 80 -- it can be hard to block, or even detect IM traffic."
It seems that end users are aware that their communication cannot be monitored by the IT staff and they are taking benefits from it. The threat is that there is a risck to spread sensitive information and to "open" the corporate network to imbound IM worms. There is the need to enforce policy on the workplace so that to make the workers to abide by the enterprise regulations as regards software installation. As it is said in the post IT staff can have control over the company IT system by finding and installing the adequate tools for the non managerial employees and make them understand that "there are certain boundaries they need to use that tool within."
The problem of user-installed software has existed in two flavors for many years.
The first one is that of the user who wants either the "coolest thing" or simply something that they feel that the IT department may not give them. This can range from games to music or business applications. The user can be a knowledgible non-IT geek to a totally ignorant person.
Generally companies want only approved software on corporate laptops, desktops, and servers. And they want it for a definite reason - licensing. Microsoft and other software companies do not take to kindly to unlicensed copies of their software being distributed in Corporate America. Many of them maintain expensive groups of lawyers to sue such offenders. So corporations lock down and restrict their hardware, often to the point of impeding and frustrating users. It can make Corporate IT's job frustrating, as they feel like they're "playing cops" with their end users.
This isn't a comfortable position for the IT person. And social networking with the users can only alleviate this to a certain extent, since IT generally does NOT control who gets what software - contrary to the general user community perception. Depending on the company, the controller can be anyone from the business Finance department, to the Head of their department. Users are well advised to find out just who REALLY controls the software licenses that the company owns before just blindly yelling at the IT department.
The second issue is squarely in IT's lap. Users sometimes have software that they really DO need to complete their job, or that would add value to what they produce. But they don't have it, and why? Because of the slowness of the approval and installation process.
I personally had one case where I was working for a large corporation, and selected software from their corporate approved list to do my job. After personally walking the paperwork through all the steps I could reach (I.E., co-located on my campus) it still took four months for the software to be approved, and an additional month for it to be installed.
During this time, I was hand-coding steps on a text editor that could have been completed in one-tenth of the time on my usual software. To say that I was severely handicapped would be understating the case. At one point, I actually volunteered to purchase the multi-thousand dollar software bundle myself so that I could get moving. I was told it wasn't done that way, and that I could not get access to install it even if I bought it. When it was FINALLY installed, I was told that I had set a new speed record for getting software - and the speakers were serious!
My position was folded back into corporate IT six months later. The official reason given was "lack of productivity", a statement that still has me bemused. A simpler solution would have been to shorten the whole process of software purchase and installation.
Productivity and IT have been at war for a long time.
In my world, embedded systems, automation suppliers have been pushed to take greater responsibility for the systems they deploy on customer premises.Indeed, they are often billing for not equipment, but the value-add operation or product the equipment produces.This means they need 24x7 access to their systems, and this is causing problems, problems that your recommendations can minimize.
I have written on this subject before- See Open Standards Cut Costs.What is happing now is the OEM/Operations vs IT war is battled at the DMZ- at the firewall.There is now an active category of product (firewall bypass?) that lets OEM equipment inside the firewall connect to the OEM via WiFi (in premise) and then cellular/EDGE technology outside the premises.
In the end, it seems the cloud will penetrate any barrier. Security may rest with the end device and secure identification via IPV6 technology.
No doubt. Forget the desktop apps though. It's especiially insidious when they're installing server-based software and in many cases buying licenses from the vendor with their department credit card. Who is going to maintain and secure these installs without IT's involvement? No one. I've witnessed this in many large corporations and I've even been on the receiving end of phone calls from concerned IT managers after MindTouch's software has been installed in a similar guerrilla fashion. Luckily, MindTouch has always been well received by IT as well as business users. :-) The most memorable phone call I received was from a CIO of the US Army after a department within the Pentagon purchased support from MindTouch. By the end of the conversation he was more than sated.
You said it all when you said that the users are the ones bringing in all the rouge apps. I can't tell you how many times I have walked by one of the users I support to see them running an app I know I didn't put on nor approve to be installed.
But where do you draw the line? Thats a question IT Staff has been trying to answer forever. If you are to strict and lock everything down, the users simply look for ways around your security measures. If you are too laid back they take advantage of you. I have yet to find a middle ground.
Be it Limewire, Bearshare, Itunes, the thousands of games that are out there or whatever people are going to find a way to make it work on their computer. Personally we have the whole Apple website blocked because of iTunes. and we have added the names of the executables of some popular software to our block list to prevent them from running.
Rest assured however that as long as there are computers there will be people figuring out a way to go around their IT Department all because they don't think there is is any harm in enjoying their game of Jewel Quest or whatever they choose to play.
I agree with your article that users are more likely to take
it in their own hands to put together a collage of tools that helps them meet
their objectives.
From my experience, IT has often been slow to embrace the
rapid increase of tools that are available on the Internet for obvious reasons
such as security and sometimes legal issues.
I think that a typical IT department would have to transform
to better reflect the rapidly changing Internet in order to provide the necessary
tools that allow for their customers to do the best job possible.
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
As an executive and regular public speaker, I use PowerPoint frequently. I have tried a few alternative products for creating presentations and recently I created a deck using SlideRocket for a big staff meeting.
Multi-tenant clouds assure security for clients, but not necessarily for their ideas. Here's one thing you should discuss with your cloud provider before you sign on.
Microsoft's recent decision to bundle its Office software with business partner offerings indicates that cloud software may be in the news, but licensed packages are still in demand for failover.
With 24/7 processing and business continuation paramount, more organizations are considering having three datacenters, where primary and secondary datacenters are in their immediate region and a third is in a remote geography. Why? To avoid repercussions of a major disaster that could hit every IT resource in a specific region.
Cloud is pushing classic corporate data centers beyond their physical boundaries and into new territory to where they one day might be expected to federate with different clouds. For this to happen seamlessly, a new class of systems management superstructure software will be needed.
Ethernet has emerged as the dominant networking option in the enterprise, the home, and the WAN. Now, after years of being rebuffed, it is poised to become the dominant method of connecting datacenter devices.
Data storage requirements continue to grow and put pressure on enterprise networks. As these systems expand to support zetabytes of information, will the datacenter infrastructure become too complex for corporations to support?
Big-data and analytics tools enable marketers to understand customers as individuals, identifying unmet needs and addressing each customer as a "segment of one," says John Kennedy, VP corporate marketing, IBM.
New York's Metropolitan Transit Authority is conducting a pilot test of digital kiosks to guide subway users to where they want to go more efficiently and at lower cost.
The whole Amazon.reader debate is a double-stupid. It's stupid to think that there's any e-book buyer who doesn't know Amazon's URL, and it was stupider to let ICANN launch the whole free-form TLD initiative to start with.
While NFC's original goal was to enhance mobile commerce applications, it is finding its way into a number of other uses, which is creating both opportunity as well as challenges for IT departments.
Enterprises would like to move to cloud computing but are hesitant because they are concerned about providers’ ability to secure company data. Here are some tips that help to ensure that if breaches occur, the business is not left holding the bag.
Edmunds separates customers into segments based on the info it collects on its site and from partners, and uses that to push out custom content, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
The IBM Smarter Commerce Global Summit in Monaco kicked into high gear today, and we've already begun to see news emerging from that lovely city-state by the sea.
Expert Integrated Systems: Changing the Experience & Economics of IT In this e-book, we take an in-depth look at these expert integrated systems -- what they are, how they work, and how they have the potential to help CIOs achieve dramatic savings while restoring IT's role as business innovator. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?
To save this item to your list of favorite Internet Evolution content so you can find it later in your Profile page, click the "Save It" button next to the item.
Email This
