How you know if your IT department is doing it right

This one's easy. A good IT department is generally kinda bored. When the infrastructure has been designed and built correctly and the telemetry is just right, IT doesn't have much to do except keep an eye on things and work on new projects. Sure, there are always break/fix scenarios, but those are par for the course. Unless there's a major project underway, it's the "insanely busy" IT departments that are the ca

This one's easy. A good IT department is generally kinda bored.

When the infrastructure has been designed and built correctly and the telemetry is just right, IT doesn't have much to do except keep an eye on things and work on new projects. Sure, there are always break/fix scenarios, but those are par for the course. Unless there's a major project underway, it's the "insanely busy" IT departments that are the cause for worry, not the ones playing Nerf football. As a consultant, I've been involved in projects with hundreds of different companies and seen just about every form IT can take. This theme crosses all boundaries.

My theory of good IT is that the best network and system administrators are the laziest. When presented with a problem that will require lots of small modifications to lots of moving parts, they will always opt to write some code to automate the process. This generally takes less time than the manual effort, and the resulting code can be reused in the future. In many cases, this will require that the admin learn a new language, or at least be able to think abstractly in order to address the problem. Those that opt to do everything manually still get the job done, but with plenty of wasted effort and no long-term gains. To turn a phrase, they're generally too busy mopping the floor to turn off the faucet.

For instance, given a task to migrate from one firewall platform to another, there are many, many admins that would simply re-create all ACLs and rules in the new firewall. This is obviously error-prone and will take a long time if there are many rules. "Lazy" admins will write some perl to parse the config from the original firewall and generate valid code for the new platform. I've done this many times -- even published perl code to migrate PIX firewall rules from conduits to ACLs.

The best admins will design a system that will be more difficult and may take slightly longer to implement in the beginning, but will all but eliminate problems later. Those are the admins you're looking for.

When presented with a new project or new requirements, the better IT shops will look for open-source solutions or frameworks and adapt them to their needs rather than look for something they can buy that may not be as adaptable, but might be simpler to implement. That's not to say that commercial products are never used, but the first course of action isn't to spend lots of money, it's to research what's out there. These shops also don't generally use consultants since there's no real need for them. These are also the IT shops that tend to have the highest admin-to-user ratios, and the lowest overall cost.

Of course, there are downsides to the "lazy IT" method. The main problem is that the "lazy" approach doesn't play well with non-technical executives. The issue is that a well-designed and implemented infrastructure makes everything look easy. Modifications, additions, and tweaks become simple if the foundation is solid, though they can lead to disaster if the foundation is poor. In the right environment, major projects can be implemented with great speed and competency -- but giving the impression to those outside of the IT department the idea that anyone can do it.

Regardless of the stability and performance of the IT infrastructure, there are many that believe that unless the IT staff is red-faced and sweating, they're not doing their jobs. This can lead to staffing cuts, which then cause major problems when those that were most capable of maintaining a stable infrastructure are let go since "they weren't doing anything". New, cheaper staff are bought in and the stability and resiliency of the network infrastructure soon begins to falter. But those new admins sure seem to be working hard, running in circles trying to keep the roof from collapsing. I've seen this happen far too many times. Quite often, I've been the consultant brought in at a high hourly rate to perform CPR and stop the bloodshed.

To executives that lack a concrete grasp of how IT should work, a solid IT department needs to be presented as the best insurance policy available. After all, those insurance premiums don't do anything unless they're needed, but what happens if you stop paying them?

Join the discussion
Be the first to comment on this article. Our Commenting Policies