Stewardship, not ownership: It's time for IT to give up on control

The world has changed since the 1960s' data-processing model, but many IT shops haven't changed with it. A new approach to application, device, and user management is needed

Page 3 of 3

IT's new job: Being the steward of technology use
These three trends -- IT's expanding sphere of responsibility, business users' greatly increased sophistication in the use of computing tools, and the move from standard, multiperson business processes to fluidly changing single-person responsibilities -- mean IT's habitual control-based approach to managing a company's information resources must change as well.

It has, in light of the circumstances. IT's expansion means there's too much to control. Business-user sophistication means there's less need to control it. And the rise of single-actor and one-time processes means control inflicts more harm than good, by preventing employees from being as effective as possible.

IT's new job is to support the portal view of computing, whenever and wherever it makes sense. That brands us as stewards, not owners: We take care of resources so as to ensure they're available to whomever needs them, wherever they need them, and in whatever form they're needed. We also help people get to whatever other resources they'll find helpful (not simply that they need -- that's too tight a constraint), whether or not they're within IT's sphere of responsibility.

What will this new version of IT look like? If experience has shown us anything, it's that when the subject is big change, predicting anything beyond the first few baby steps is an exercise in futility. What we don't know far exceeds what we do know. Still, here are two baby steps you'll definitely need to take if you want to head down the opportunity-based fork in the road.

Baby step 1: Syndicate the risks. Everyone who works in information security knows this game: The company doesn't establish a clear security policy. With no business-driven statement of the ideal balance between risk and opportunity, the CSO's group has no choice but to go into full prevention mode, whether or not it makes business sense, because it will be blamed for any intrusions or malware outbreaks that occur.

It's the same deal in the new world of stewardship, only it's bigger. CIOs who want to move beyond a control-driven model of information technology will have to obtain a broad and deep consensus in the executive suite that the benefits warrant the risks.

Baby step 2: Convert or get rid of the Eeyores -- and can the enforcers. Just between us -- how many members of your IT staff think technology is really cool, and how many are Eeyores? How many, that is, are gamers, prefer e-books to paperbacks, take notes on their iPads in meetings instead of using paper, agitate for the latest and greatest technology, and constantly propose new and clever ways the company could be more effective ("if only we'd just do x")?

How many are, instead, like Winnie the Pooh's downcast friend Eeyore, thinking only about what will go wrong now -- on how likely it is that rain will ruin the picnic, and anyway their tails will certainly fall off.

If you want to move from control to stewardship -- from the mainframe view to the portal view -- you'll need more enthusiasts and fewer Eeyores to help drive the change. It's the enthusiasts who'll actively support the opportunities instead of seeing every one of them as a new way for business users to make their lives more miserable.

And you'll need to get rid of your enforcers, the ones who think it's up to IT, rather than the employees' managers, to make sure employees are spending their time productively. The enforcement mentality will always find reasons to keep employees away from opportunities.

How radical is the required change? Both a little and a lot
Even with this significant shift in approach, most of what we do in IT will look the same. Although this change sounds dramatic, our day-to-day work -- normalizing data designs, optimizing database performance, designing service/object models, configuring and integrating various commercial software packages to do the basic work of the business, and keeping the infrastructure available and performing well -- will look very much as it does today.

In this new world, we don't get to ignore compliance requirements, either. Taking off employee handcuffs and leg irons doesn't mean everyone can do everything without any constraints at all. But it does mean we stop using compliance to rationalize steps that are more for IT's convenience than for maximizing business value. Sometimes it will even mean we stop enforcing compliance via technology, relying instead on training, management, and employees' good judgment. Think you can't rely on employees to make the right decision? Then why would anyone hire them in the first place?

Mostly, the change is a 180-degree shift in attitude. That makes it a culture change -- which business leaders know can only happen slowly and gradually, not by hitting a switch.

Since you know it's going to be a slow process, there's no time to start like the present.

This story, "Stewardship, not ownership: It's time for IT to give up on control," was originally published at Follow the latest developments in IT careers and management at For the latest developments in business technology news, follow on Twitter.

| 1 2 3 Page 3