Organizations where uptime is essential to survival are segmenting their data centers, he adds, reserving high availability for their most critical systems and settling for less elsewhere. If their email goes down for half an hour, it's annoying but not fatal. If their real-time transactions system goes down, they're losing thousands of dollars a minute.
"It is always better to have the capacity and not need it than to need it and not have it," he says. "But the people who are signing the checks don't always make that choice."
IT concession No. 4: Your systems will never be fully compliant
Like uptime, 100 percent compliance is a lofty goal that's more theoretical than practical. In many cases, focusing too much on compliance can hurt you in other ways.
Your level of compliance will vary depending on what industry you're in, says Mike Meikle, CEO of the Hawkthorne Group, a boutique management and information technology consulting firm. Organizations in heavily regulated fields like health or finance probably aren't in full compliance because of how often the rules change and the different ways they can be interpreted.
"It's safe to say that just as no network can be 100 percent secure, no organization can be sure it's 100 percent compliant," he says. "If a vendor is trying to sell you a product that ensures perfect compliance, they're lying."
Another danger area is falling into the compliance trap, where organizations expend too many resources trying to stay in sync with regulations while ignoring other, more vital parts of their operations, says Meikle.
"Organizations that strive for compliance with regulations often fall down in other areas," he says. "Being compliant with regulations doesn't necessarily mean you're doing what you need to do with your business. Compliance is really just a component of risk management, which is itself a component of corporate governance. It's an overarching business issue and needs to be addressed as such."
IT concession No. 5: The cloud will not fix everything (and may even break some stuff)
Clouds are on the IT horizon. According to Gartner's 2011 CIO Agenda survey, more than 40 percent of CIOs expect to run the majority of their IT ops in the cloud by 2015.
But even the cloud is not the ultimate solution. Reliability, security, and data loss will continue to cause headaches for IT departments -- they'll just have less control over the stuff that's in the cloud.
"Data loss is inevitable within any organization and can still happen in the cloud," says Abhik Mitra, product manager for Kroll Ontrack, a consultancy specializing in information management and data recovery. "Businesses must prepare for the worst by working with their provider to plan for downtime, data recovery and migration, and catastrophic loss. Data security will always be a concern, though advances in cloud solutions make it less of a risk as time progresses."
The cloud also introduces a new problem: how organizations can accurately measure their IT spend, especially as business users spin up cloud services without IT supervision. Accounting for this form of "shadow IT" can cause headaches for enterprises and force tech departments to take a hard look at the value of the services they provide, says Chris Pick, chief marketing officer for Apptio, a provider of technology business management solutions.