When the IT department is 'just another supplier' The traditional approach to IT within the average company is to have a central group that manages the technology and applications. This makes perfect sense, in principle: the underpinning technology has always been complex and has required a certain skill level in order to keep it running, patched and up to date. But things …
The machine you bought on amazon needs something fixing - are IT allowed to bill you $300.hour consultancy, or are they expected to just fix it as a favor?
When you decide to do your own security and a virus takes out the system, or leaks data - are the IT dept allowed to sue you ?
Are IT allowed to bid on contracts to manage other firms IT if you are allowed to get external contractors ?
From where I'm sitting, as business decentralises and procures stuff, it generally makes a hash of it.
Option 3, spinning up your own server in Amazon VM ... yeh, only if you know what the heck you're doing with a server!
A business can go on a spending spree without putting proper resource and time in to interoperability; net result, they buy A which doesn't talk to B, and that doesn't talk with C and before you know it, they've wasted tons of money on stuff that works on its own, but doesn't work together.
Yes, IT is a service, but while the face of the technology itself is easier to understand, there are loads of things under the hood that business fails to understand ... and it doesn't even thing about until the contracts are signed and then it realises that there were critical questions that were never asked in the first place.
Sounds similar to where I sit. One of our business teams hired some developers and some hosting for a website and got a site cobbled together. Three months latter it went down, call to my oncall phone at 3am.
Ops: System X is down
Me: Never heard of it, what does it do
Ops: No idea, not heard of it either, figured it was one of yours, users says it's a website.
Me: Nope not supported, call the boss see if they know.
Lots of calling, lots of swearing and lots of complaints to the department heads. Eventually got to the bottom of who owned it and they had no idea what to do anyway. 6 months later and it is still knackered.
The variant I'm seeing is:
Caller: System X isn't working right, it's really weird. Can you help?
OldMe: $VOODOO .. ew.. okay I can see your Y talking to X, but Z is doing THING when it should be doing ... yeah I can fix this today.
NewMe: No. X-Co say it's Y-Co. Y-Co deny it. I can raise another ticket with them if you want. We have another conference call with them in an hour. We don't have any logs, diagnostics, or raw access, but we do have their Web GUIs that say everything is fine. We're manually checking those as often as we can.
From my recent experience I'll add:
The guy who organised it left six months ago taking all knowledge of and, more importantly, access to the hosting service with him.
The hosting company was bought by another who discovered a disturbing laxness of record keeping at their new aquisition. Both shall remain nameless; the latter at least tried to help...
At least I didn't get rudely awakened at 3am. As a consultant, I got to wander in at a leisurely time and ask all the awkward questions. Sadly, the one question I was not allowed to ask was "what the fuck were you thinking?"
When A can't talk natively to B and so on, that's when you need these coders for hire. But a bit of foresight will keep you out of that market. I'm living in that nightmare. Services bought by the suits because it was the right thing to do, but need a custom do-hickey to shuffle data back and forth because there was communication with the IT group when purchasing said products.
Up vote for you sir!
If IT is just another supplier someone, somewhere is doing it wrong. And it might be IT.
If you're working in IT within a business you should be taking advantage of that to learn about how the business works and what it needs. You should have better knowledge of those needs which should let you meet them better and even be proactive in suggesting better uses of IT to the rest of the business. These are advantages which no external supplier should have. You are part of the business and the rest of the business should be aware that you have common interests with them.
"If you're working in IT within a business you should be taking advantage of that to learn about how the business works and what it needs. "
Which is exactly what Management is afraid of... People who can see connections and analyse systems are dangerous , because they can spot the dead wood/smoke-and-mirrors a lot better than [overpaid chairwarmer]...
It is even more complex than the first time I set foot in the server room. I don't know what world this author is living in these days.
Sure, I can spin up a VM in no time, did it Monday morning in fact. But managing multiple hosts with multiple systems is a bit more complex than the day when we had 20+ PowerEdges running a single system... My skill set has had to grow quite a bit since those days. So it is complex. Maybe not hideous, but complex to say the least.
I agree. Back in the '80s & '90s I was managing multi-node mainframes, to the extent of deciding/planning hardware topologies & day-1 installations, as well as superstructure s/w and day-to-day management, and I'd also say that IT is more complex now than back then; the basic premise for this article is incorrect.
What the author seems to have done is mistake learning how to drive a GUI for actually understanding what's happening beneath the GUI. Just learning how to drive a GUI might be fine if everything worked properly, never needed changing and never broke...
Not only is it more complex than ever (especially interoperability of all those 'easy' answers), I saw not even a hint of a whiff of security in that article. Business may not (read: don't) understand that it's a critical requirement and only works correctly as an in-house function, but that doesn't change the fact that it is.
The more systems they outsource, the more calls we get to shut down security safeguards that are now 'in the way'.
The latest supplier is still choking, transitioning our data to their systems, months after the deal was signed (yeah, they said they could do it). When they finally ingest it correctly the internal systems will get decommed.
A bonfire of bridges.
Exactly that.
Every single article I read singing the praises of the Cloud totally skirts even the notion of the word.
Company email in the cloud ? Well of course, all emails from and to all of your customers sitting like ducks in the cloud. How can that possibly go wrong ?
Just because you can do something doesn't mean you should.
Remember when the PC took computing away from the IS dept? It was application hell. So that's why the modern IT department manages desktops also. If each department farms out IT to the lowest bidder, you _know_ what's gonna happen when the unsupported app blows up ... ROFLMAO!!
You're right. The pendulum is now swinging back that way again as the business side sees things though "profit" and "cost" without regard to security or anything else. Back early on, there wasn't a problem as most PC's brought in were stand-alone....floppy disks, and all that. Now with interconnectivity and the world of black-hats, it's a totally different scenario.
I'm waiting for several big companies to get pwned and then blame IT which will blame the shadow IT practices and the pendulum will maybe start swinging back the other way.
As an outside consultant who sees quite a lot of these things, I have to disagree. IT depts are pretty well aligned with business needs - just not the fantasies and current wants of, mostly middle, management, which commonly get mistaken for business needs.
Your sentiment is, however, an article of faith in many places.
>It amazes me that we still have to discuss that IT departments need to align themselves with the business needs. But we do because, mostly, they aren't
Number one that is more on IT management (MIS lol) then in general on the engineers. Second that sure isn't the case with my company at our manufacturing site. A lot of the IT department actually started on the shop floor and the ones that didn't sure as heck have spent a lot of time there supporting production as part of their job duties. The only time I see that even slightly is with the IT guys at the main corporate office but even then they support us. They just are more corporate oriented as opposed to manufacturing oriented.
That is certainly an issue. However, I dream about our various departments taking over their own IT like they try to. They have certainly been able to dictate to us what they were going to do and we've had to make it work within our existing framework (with little or no budget adjustments). It would be an eye-opener for them when their data disappeared, when their new shiny didn't interface with their existing, etc. I would pay good money to watch the gnashing of teeth, instead of getting paid peanuts to gnash my own.
One department recently dropped 100k on a new platform (we are a small entity so this is big bucks for us) without any consultation with IT, and refused to have their old data imported by the vendor (an extra 10k). They simply didn't realize it wasn't as easy as copy and paste to move the data. So now we are running 3 systems (because this isn't their first rodeo!) side by side, some of it on truly antiquated systems, just because the ego of the manager won't allow him to acknowledge his failure. We don't have any internal developers so doing the data conversion ourselves would be problematical.
Not only were we not involved - we had no clue it was coming. We had to put on hold our backup update project to fund the hardware and licenses for their new project - wait for it - because they didn't include money for that in their budget.
TLDR - Bad idea to "decentralize" IT the way the author is advocating.
Its the same old "Keen novice who thinks wiggling a mouse and using Excel (and maybe a bit of Access) makes you an IT professional. As already said here, its when it goes tits up or they didn't think they needed backups "cos its in eth clowd so safe" or the developer doing it to budget rushed or bodged documentation that they realise a good team of skilled staff is what they needed.
A better model is to centralise the IT function (its a function OF BUSINESS not a separate entity) and get them bringing on additional developers as needed to make sure they are properly managed and don't deliver ropey shite that needs them in again to get paid again to come back in and fix it.
Nobody know the exact requirements, and how to properly test them.
And even if you knew, every little change in the system will be asking for trouble, and paying a lot of money.
At the end it is just a way for somedepartments to externalize risk and cost, to the IT department and/or the rest of the company.
Marketing: We need a new website based on Wordpress and LAMP technology, because we need it really to be cutting edge.
IT: We do not do LAMP, we have SQL Server express, IIS and some MS html hacking tools and run all on HyperV virualization engines.
Marketing flips out the credit card, rents for little bucks an AWS EC2 Linux webserver, implements the most beautiful website ever seen, but it gets hacked two weeks later, because security was compromised due to a third party Wordpress plugin that marketing had bought.
Since customers use the website a lot to do business, this causes severe damage to the credibility of the company, and the following two quarters heavy losses are incurred.
Probably it is not hard to predict what the CEO, who has to explain to the shareholders why profits were less than favorable, will promise to do about security exposure of the company concerning ICT.
ICT became a commodity in only 10 years, due to the tooling which made things simple. Things like rolling out a website in the cloud with LAMP/Wordpress were unthinkable 15 years ago. On the other hand, requirements for security and the implications of outages and security incidents became much more complex and serious. May be the focus of central IT should shift to these areas.
First up: Stop talking about the Customer when referring to someone, somewhere in the business that wants something. They are team mates. You both have the same goal, to help the company do whatever the company does to be successful. Customer as a term carries altogether too much baggage to be a useful way of describing that relationship. 'The customer is always right', 'The customer gets what they want', 'the customer is king'. No... the customer is desperately looking for help with a problem they don't understand. Think doctor and patient...
Second: Cloud is there simply because it allows salesmen to get down and dirty with their marks; the broadly naive and lets face it borderline IT illiterate (IllITerati?) 'business'. Why? Because it enables the marks to bypass all the governance and procurement chains and processes that have been set up over decades, that turn what should be an easy process into weeks of wrangling, signoffs and general dickwittery. So - streamline that business process. Take a chainsaw to procurement and governance and figure out what it really needs to be. And dont spend a year on it. 2 weeks. Focus people, Focus... this is important - as it is killing your entire business function, and possibly the business itself.
Third: Just because you are a socially inept IT engineer who can only talk to other IT engineers and barmaids, you really cannot get away with it any more. Stop wasting your training budget on IT courses (just DIY it) and get the soft skills sorted properly. Go... mingle. I know they are from marketing, but, try. You might enjoy it.
Fourth: Somehow we have to break down this idea that "Business' and 'IT' are different. We should start by undermining the concept that 'IT' should learn to talk 'Business'... and name and shame those who would say 'I can't do that, I'm not technical' when it's suggested they do something beyond clicking a shortcut. Business needs to learn to talk IT. Just like they need to talk Finance. Just like they need to understand how to use a washing machine or a fridge... yeah check the fucker is plugged in and the door is closed.
Fifth: It's not easy. It's never been easy. It will never be easy. Anyone who says it is, needs a proper kicking. Then ignored.
Sixth: It's really not that difficult; In fact most of it is pretty straight forward. Stop the vanity projects. Stop the big bang enterprise solution to everything that will take a decade to even plan by which time it is no longer relevant. Sort out the business processes that 'IT' use, properly, get finance to help. Get a marketing team in house to IT, some PR reps. Work out how to model it as a profit making part of the business, and always talk about it as such. We in internal IT have almost no propaganda wing, no one specialised in competing against the consultants and conmerchants, no advertising budget, no wining and dining the marketing droids. And honestly, there is no truly good measurement of success for us to game...
Oops... I seem to have had a rant...
"First up: Stop talking about the Customer when referring to someone, somewhere in the business that wants something. They are team mates. You both have the same goal, to help the company do whatever the company does to be successful. "
That only works if both "sides" agree on it; as an IT guy currently working for an operations/projects team, the centralised IT people are not helping anyone on this team, the opposite. Asked for a network layout - not details, just relative speeds of Internet links out of buildings to plan where to put people - and told there isn't one that we are allowed to have. On a previous project, a colleague asked for storage space for 4-7TB of rapidly changing but not business critical data (no harm if backups fail, the process that generated the data can just be run again); IT costed it at a little under £400k/year, with 4 hour response to restore requests (having been explicitly told not include backups). In the end it was done on a pair of overgrown desktops.
On the other hand, the operations guys sometimes use AWS as a "knee jerk" thing - which I argue against, for reasons everyone has already said, but when the response I get is that the "storage /£400k story is typical", hard to argue back.
As you said, people should be on the same side.
It'd be nice ;-)
They like to hobble our budget's, then they put in a new system but whereas we have to jump through hoops and write up all sorts of made up documentation, they can spend $60,00 on two licenses as part of a "pilot project", then have the gall to request we set everything up, luckily the new CIO told them that we will provide the Server but you get the vendor to install and configure it all and support it.
Two years later, 4 different consultancies for various things like getting the product to talk to SQL and then pulling the data out from SQL to Tableau and now we find out they want to get rid of everything and just find a way to dump everything from our in-house system to Tableau.
We truly believe our CFO has something on our CEO with the stuff he gets away with.
Did I understand correctly, that they want everything dumped into Tableau, and then dump all the systems that collected/created the data, meaning that data would then be somehow directly entered into Tableau?
Tableau is very glittery and looks/is cool manipulating small data sets. Pretty useless for anything else
I work for an architect, so we basically produce IP and not much else. Our mandate covers all information management, not just plugging in PCs and nursing a bunch of VMs; the doc controllers report directly to IT.
Anyone who moves data to an outside service that hasn't been approved by centralized IT is fired, just as anyone downloading or installing pirated software would be.
I've worked in a large company where they did exactly what the article suggests; and their IT could best be described as Shambolic.
What did they save? From the numbers that I saw, absolutely nothing. In return, they had systems that were barely functional, inflexible, badly designed; and generally didn't provide them with the information that they actually needed.
Far from saving them any money, I believe their outsourcing was actually costing them money. This was because most of the non-IT staff were spending increasing amounts of their their time trying to work around the problems that the systems caused them.
Um, I think some commenters here are misreading the article.
The author isn't suggesting, recommending or saying this is what *should* happen. He's saying that this is what *will* happen, regardless of all the very good reasons posted here on why it's a bad idea. Never underestimate the power of human stupidity.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
