Why Businesses Standardize on Technology
I experienced a wide range of emotions as I read this allegedly tech savvy article in the Wall Street Journal, written by someone who is deemed a journalist for reasons which clearly have no basis in reality. Mostly, I was surprised, because this is not the caliber of information that I expect from a publication such as the Wall Street Journal.
Not only does the author appear to operate in a context that bears little resemblance to what is commonly found on earth, but he ignores a host of things that businesses actually have to contend with in this day and age.
His premise is essentially this: Employers, along with corporate IT departments, are holding back the productivity of workers, by enforcing standards on them and restricting them from treating corporate technology as their own.
“At the office, you've got a sluggish computer running aging software, and the email system routinely badgers you to delete messages after you blow through the storage limits set by your IT department.
At home, though, you zip into the 21st century. You've got a slick, late-model computer and an email account with seemingly inexhaustible storage space.”
Let’s ignore the fact that not everyone has the latest computer at home. Perhaps he’s forgotten that the economy has not really been conducive to people running out and purchasing the latest and greatest – at home OR at work. Let’s focus on the subset of people that fall into his target range of tech-savvy workers, frustrated by the lack of flexibility to change things around on the computer network as they do on their own systems at home.
My first question is, why stop at computers? Why not include all of the other things your employer won’t let you change, like the office furniture? Why don’t we let employees print their own business cards, and handle their own stationery?
Let’s face it: Flexibility does not always lead to an increase of productivity.
What our intrepid reporter does not realize or acknowledge, is that there are several accommodations that need to be made to handle the flexibility that he desires. And these are not free accommodations.
This article has so many flaws in it that I am forced to address only a few of them in one sitting, but that should be enough to show how much thought really needs to go into this sort of decision before true ROI can be obtained.
Here are the issues that were misrepresented or ignored outright in the article:
- Cost Control & Vendor Negotiations
- Technology Integration
- Information Security, Compliance & Risk Mitigation
- Staffing & Training
For the purpose of my examples, I will ask you to consider a mid-sized organization of 1200 users across 3 offices, with 1000 desktops, 300 laptops, and 250 servers. Total IT infrastructure staff is 30 members, across help desk, desktop, server, and network support, and information security.
Cost Control & Vendor Negotiations
Some forward-thinking companies are already giving employees more freedom to pick mobile phones, computers and applications for work—in some cases, they're even giving workers allowances to spend on outfitting themselves. The result, they've found, is more-productive employees.
Unfortunately, Nick Wingfield, the author of this opinion piece, doesn’t take the time to substantiate how these employees were deemed more productive.
Beyond that, he failed to consider that it costs much more to have every employee select their own technology. There’s no way to get the same kind of discounts from a vendor for 1000 desktops and 300 laptops when any particular vendor might only see 20-33% of that volume, depending on how many vendors are available to choose from. Anyone who has had to purchase on this scale also realizes that the initial price of the technology is only the tip of the iceberg. The support costs are a large part of the deal as well (not to mention integration costs, but that’s coming).
So, right off the bat, our costs are up, as we have undermined our potential for volume discounts and other cost-effective bundles, and we have obtained nebulous and anecdotal productivity gains.
The rise of the consumer market also means people have gotten a lot smarter when it comes to technology—and a lot less patient with substandard stuff at the office. Even with the weak economy, companies will find it harder to recruit savvy workers if they don't let them use their favored technology.
Hmmm… As someone who has worked in IT for almost two decades now, I have found that people are more technology savvy today only in a very narrow sense. Yes, they know about newer technologies. Yes, they purchase devices that are more powerful than hardware of the past. However, they are no better at getting all these technologies working together than they have been in the past. If anything, the situation today is worse than before primarily because of the complexity and number of integration options that today’s devices offer.
How many people who have purchased a smart-phone with email capabilities have actually gotten it to work with more than a single email provider?
How many of these supposedly tech savvy employees manage to navigate their own wireless home networks and peripherals at home in order to connect successfully to the corporate network without calling on their corporate IT team?
What do you suppose happens to productivity when 30 people in a department purchase 6 different PDAs and brands of laptops, running different operating systems, and then try to connect successfully to some line of business application?
And which member of corporate IT is supposed to be proficient enough in all six of the PDA and hardware choices, plus the 3 different operating systems in use?
I can only laugh at the recruitment sentence above. Even in a great economy, that strategy is an ignorant one. I would do my best to ensure that employees with such a degree of unhealthy entitlement were sent directly to my firm’s competitors, for the entertainment value as well as for the competitive advantage to our firm.
Technology integration is where the bulk of dollars are spent on any technology-based project. Making things work together is where technologists spend most of their time, despite the abundant use of terms and phrases such as plug-and-play, standards-based, seamless integration, compatible and 15-minute installation in vendor’s marketing literature. Both valuable dollars and time are spent to make things work as vendors claim they will, on a regular basis.
And this happens today even in environments that are largely standardized. Want to guess what the impact is of lowering the standards of standardization? It’s not cost savings, productivity or time management – I can assure you of that.
It wasn't always this way. For years, the big breakthroughs in computing technology came in corporate IT departments and university computer labs.
Huh?!? Since when was corporate IT the place of big breakthroughs? University labs have been a source of many an invention or application of technology, for sure, but almost never corporate IT, except, possibly, in the area of local area networks.
Looking back over the years, the advances offered in computing technology were always offered by Intel, Dell, HP, and IBM in their consumer lines before offering them in their enterprise and small business lines. This is not a new thing, and it exposes Mr. Wingfield’s lack of knowledge concerning the subject he tries to talk so authoritatively about.
Information Security, Compliance & Risk Mitigation
Even more galling, especially to tech-savvy workers, is the nanny-state attitude of employers who block access to Web sites, lock down PCs so users can't install software and force employees to use clunky programs. Sure, IT departments had legitimate concerns in the past. Employees would blindly open emails from persons unknown or visit shady Web sites, bringing in malicious software that could crash the network. …
But those arguments are getting weaker all the time. Companies now have an array of technologies at their disposal to give employees greater freedom without breaking the bank or laying out a welcome mat for hackers. "Virtual machine" software, for example, lets companies install a package of essential work software on a computer and wall it off from the rest of the system. So, employees can install personal programs on the machine with minimal interference with the work software.
Did Nick say that the problem of employees opening up malicious attachments are in the past? Really? Is that why the Conficker virus is still spreading ONE YEAR after it came on the scene? And bear in mind – they are thriving primarily on home machines, where security is often much more lax than at the office. And this issue is not limited to any particular operating system or platform. Application vulnerabilities make up the bulk of vulnerabilities today across Windows, Linux and the Mac, so the concept of safety by OS is still reserved for the realm of science fiction.
I wonder how Nick expects that this virtual machine that is walled off from the rest of the corporate network is going to get to the Internet?
I wonder what he thinks is going to happen when employees go to the Internet from their walled off virtual machines, and download the information which will make them productive, and find that they are not connected to any corporate resources like printers and email?
I wonder if Nick actually understands how virtual machine technology works, or has figured out who will be paying for the operating systems that will be running on the virtual machine instances?
I wonder if Nick realizes that most people still don’t secure their wireless networks properly, or use passwords properly on their home networks?
I wonder how effective Nick thinks a promise to do the right thing is against malware attacks? (It’s not as if most employers don’t already make people sign acceptable use policies and employee handbooks today, right?)
What does Nick suppose will happen to an organization when its 1000 desktop users are running their 1000 virtual machines which have internet access and a mere 2% of them get their machines infected? (Mind you, I am being very generous by not assuming double digit infection rates.) Does he suspect that the other machines will be unaffected when those 20 systems end up in a botnet? Does he believe that there will be no corporate liability if those 20 systems are used to attack or compromise some other corporate or government entity?
What of compliance and risk?
Still, financial-services companies, law firms and others may feel the need to maintain stricter control, for regulatory and legal reasons.
There are many more organization than just financial and law firms that have regulatory concerns.
But wait! There’s more…
The most common threats for businesses are actually insiders, whether deliberate or accidental. Infected machines are a significant drain on business resources and productivity. These two statements are facts, borne out by documented evidence. Giving insiders more control of their own increasingly diverse environments will absolutely NOT lead to improved security. Any potential productivity gains would be wiped out by the liability incurred by the organization, as well as the the inevitable loss of productivity due to loss of intellectual property and efforts related to virus cleanup.
And what happens when an employee leaves your organization – with much of your corporate data all over their private systems?
Staffing & Training
We’ll finish up with this critical area, as it is most impacted by the ill-conceived proposal in the WSJ article.
The technology team in most firms represents significant costs, if only because of the level of expertise needed to run all the technology that powers businesses today. While it was once possible to be very strong in a many current technologies, that is virtually impossible today because of the frequency of change in the industry.
More than that, the issue is not just that one must be proficient in the use of Products X, Y and Z, but that one must be well versed in the possible interactions of the combinations of those products. The vastness of today’s technology landscape means that technologists are either reasonably familiar with a wide variety of different technologies (mostly from a stand-alone perspective), or they are expert-level in 3, maybe 4 different technologies. It is the very rare individual who can be broad and deep across many platforms and technologies.
This means that organizations will need to increase their technology staff AND technology training to enable their teams to manage the increased integration load. Or, organizations will offload that burden of support to the individual employees. I’ll bet that this removes whatever nebulous productivity gains were generated by the flexibility.
There is so much more I could cover, but I have neither the time nor the patience for a line-by-line rebuttal of the article. Nor, is it actually necessary, as there are many more holes in it than I have elected to address in this post.
I am, however, reminded of a quote made long, long ago in a mailing list far, far away that I feel is very pertinent here:
"If users are made to understand that the system administrator's job is to make computers run, and not to make them happy, they can, in fact, be made happy most of the time. If users are allowed to believe that the system administrator's job is to make them happy, they can, in fact, never be made happy." -Paul Evans
(as quoted by Barb Dijker in "Managing Support Staff", LISA 1997)
The role of an organization’s technologists are to protect the technology and information assets of the company, while facilitating productivity to move the business forward. This is always a balancing act, as no technology department that I am aware of today has anything resembling an unlimited budget. These goals must be handled as cost-effectively as possible. Letting everyone do what feels/looks good to them is as far from cost-effective OR productive as you can possibly imagine. For a good read on this subject, I would recommend that you read the following book:
IT’s Hidden Face: Everything you always wanted to know about technology.
I will be keeping track of the various organizations mentioned in the article to see how they continue to fare with their innovative approach to employee empowerment via technology. If they manage to get it right, we can expect more organizations to head that way.
And if they don’t, it will be best to have some proof when you head into the boardroom to engage in that discussion with your senior team…