How to thwart the high priests of IT

Some of your technologists are working both against you and against IT's own interests; here's how to flush them out

There are a lot of good IT pros who earnestly want to help their employer do well by providing and maintaining the technology systems that conduct so much of business today. Then there are those who are the company's enemies, whether they realize it or not.

IT has had a history as a high priesthood, dealing with arcane matters beyond the ken of mere mortals. In the 1940s through the 1970s -- the age of the first computers, then the mainframes -- IT was in fact a superspecialized skill, akin to medicine or law. But as has happened in so many areas of society and business, technology has become democratized, and today many business users are not only comfortable in some technology domains but actually quite adept. That's now called the consumerization of IT.

[ Learn about consumerization of IT in person March 4-6, 2012, at IDG's CITE conference in San Francisco. | See Galen Gruman's presentation on the real force behind the consumerization of IT. | Get expert advice about planning and implementing your BYOD strategy with InfoWorld's 29-page "Mobile and BYOD Deep Dive" PDF special report. ]

But as in matters of religion, law, and medicine, there are IT practitioners who don't want democratization or, to use the religious phrase, ecumenicism. They want control, and users who want to choose their technology tools are apostates to be crushed.

The less savvy IT enemies will pooh-pooh the "toys" businesspeople want to bring in. When someone in IT calls the tools you want to use "toys," that's a clear indication of an enemy. After all, the chances the IT person knows how to do your job and what tool works best for you is close to nil. He or she has no basis for disparaging your tools in that way.

When you come across an IT pro stupid enough to use the "toys" epithet, complain to your CIO. Send the IT person back and ask for someone who actually respects you. Marginalize and isolate these IT staffers before they do it to you. A savvy CIO won't want such employees, as they alienate the business, increase costs through excessive systems, and waste precious IT time and head count resources.

These days, it's politically incorrect for IT to explicitly dismiss business needs and wants, but beyond those in IT who say the T-word to your face are those who think it. Instead, you hear the code phrases, involving "security," "governance," "compliance," "risk," and "efficiency." These code phrases (the middle three are often referred to as a group via the acronym "GCR") boil down to "if you do it, it will be bad; if we do it, it will be good."

This is where it gets tricky. GCR, security, and efficiency are all good, necessary attributes, and IT has long been charged with ensuring them. Also, IT is the group that gets the blame -- and loses the jobs -- when these attributes aren't maintained. There's legitimate fear that users acting individually will unknowingly and inadvertently threaten these criteria. IT is supposed to be worried about these issues, so you can't use the code phrases to automatically detect IT enemies.

But the use of these code phrases lets you figure out where to dig deeper. An IT enemy will have a never-ending list of gotchas, risks, and issues, most of which equate to no, albeit behind a smoke screen. Here's an easy test: Is the standard proposed by IT higher for what you want than for what IT provisions? Take mobile -- if encryption or app revocation is required on smartphones, it should also be required on laptops that hold much more sensitive information. An honest requirement should be enforced equitably.

1 2 Page
Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Join the discussion
Be the first to comment on this article. Our Commenting Policies