When they heard about it, Heimerl says, the retailer's IT security department went ballistic. But rather than simply spank the marketers and shut down the system, Solutionary persuaded them to build a new site that did what marketing needed, in a safe and secure fashion. Though it caused some angst, Heimerl says in the end everyone got what they wanted. Marketing had its site, and security was able to safely support marketing's business needs.
The good news: Wider adoption of cloud computing has actually eased the tensions between the IT security group and the rest of IT, says Tomas Soderstrom, CTO for the Jet Propulsion Lab's Office of the CIO. Other groups can't afford to lock out IT security, so instead they bring them in from the beginning, he says.
"Under the leadership of our CISO, Jay Brar, IT security at JPL has become very proactive," he says. "We used to say that the buck stopped with security -- they could shut you off if they had to. We've changed that to 'the buck starts here.' The job of IT security is to protect by enabling. Because if they don't, the business side will do it any way they can, and you end up with systems that are not secure."
IT turf war No. 2: Ops vs. dev
One side of your IT department is laser-focused on keeping your systems up and your costs down. The other side wants to push the envelope until it bursts. Welcome to the war between your ops squad and your dev team.
"The classic conflict is that IT is very often just managed as a cost center," says Ted Shelton, CEO of Open-First, a consultancy that helps Fortune 500 companies manage disruptive technologies. "They believe their job is to figure out how to do more with less. And when management is looking for places to cut costs, IT is one of the first to get squeezed."
Shelton says he recently met with a large retailer whose development side was building out the retailer's Web infrastructure and wanted to capture the clickstream from the Web for in-depth analysis. The retailer's operations side said sure, you can capture all those clicks, but at the end of the day we're going to throw them all away, because we won't want to pay for the cost of storing that data. The developers were forced to go with a third-party vendor.
"The operations side saw its job as managing costs," says Shelton, "while the developers saw their job as managing quality. They said, 'We can't deal with these ops guys anymore, let's go around them.' It is amazing to me that in 2011 people are still worried about the cost of disk space. But this a common mistake across industries where IT is managed as a cost center and not something that can give companies a real competitive advantage."
But it's not all the fault of ops. The development side also shoulders its portion of blame.
"Let's start with the notion that app developers do not set out to build network-friendly applications," says Steve Shalita, vice president of marketing for NetScout Systems, which provides unified service delivery management services. "These apps aren't optimized to enable the network to run efficiently; they're built to do what they're supposed to do. So the dev guys create the application, throw it over the wall for the application implementation team to deploy it. The network guys just provide a connection. Neither side is working together to tune the app or optimize the environment."
That's when things break down and the finger-pointing begins, Shalita says.
"Five years ago the network was probably to blame 60 percent of the time," he says. "Now it's largely the apps that are the root of the problem. But everyone still says, 'Darn, this network is slow.'"
At that point, it becomes an endless loop, says Steve Mills, senior networking engineer for IT services and consulting firm Jelecos.