This articles provides insight on the politics relating to IT. This is a very lengthy read, but worth your time if you can relate.
Politics in IT Departments
By Erik Rodriguez
IT people skills, IT department structure, IT staff members, manage an IT department, IT management techniques
Obviously technical knowledge is import in the IT field. However, the problem most administrators run into is the lack of information needed for dealing with management. Most IT staff members are logical thinkers and because of this are able grasp all the concepts and work in such a technical field. Naturally, such a personality type usually lacks a full portfolio of people skills. The following information will focus on non-technical knowledge, and the contemporary issues in information technology.
Corporate vs. Service Industry
There is a night and day difference between corporate IT and a service provider IT department. Service providers such as "managed service providers" are directly focused on generating revenue. Project completion, billable hours, and customer service are the life of these companies. Corporate IT departments are usually indirectly focused on generating revenue by supporting the company they work for. Generally speaking, corporate IT departments are easier environments to work in. Most of the time there is only 1 company, network, or infrastructure to support. I will cover the "IT chop shops" later in this series.
Types of IT Departments
There are all types of IT departments and many different factors that make them different from each other. The factors below highlight the main differences that make them unique:
The most obvious is the size of the company and revenue generated. The general rule of thumb for a business is to generate $100,000 in revenue for every employee. Most small businesses and startups do not have the cash to invest heavily into IT staff or equipment. Working for a small shop (5-25 employees) will almost certainly require you to wear many hats. It may be unpleasant to wear multiple hats, but on the other hand it gives you some freedom to make decisions and operate the IT department how you see fit. Early in my career I made various decisions that ended up being bad ones. They were usually easy to correct because the environment was small enough to cover. If I needed to go around and manually change something on 25 computers I could do it. Performing the same process on 250 computers... not practical.
- Company size/revenue
- Vertical market
- Current IT infrastructure
- IT staff members
Medium size companies (usually defined as 100-250 employees) operate more efficiently. Their business processes are better defined and they generally have decent budgets for IT staff and equipment. Most mid-sized companies have a handful or more full time staff working in their IT department. At this level, different areas within the department are specifically defined. These areas includes help desk, systems/network administration, and a few other areas as needed. Some mid-sized businesses have adopted IT operations like change management, IT policies, etc. Such practices result as a trickle-down effect from the enterprise environments.
The enterprise business world is like the wild west. As far as the eye can see, there are tons of employees, IT assets and usually operating capital everywhere. Enterprise IT departments are organized, complex, and usually very large. Certain areas of the enterprise, like a help desk, can be huge. There are multiple layers of management which usually include middle managers, a director, VP, and something like a CTO or CIO. The atmosphere in enterprise IT is usually more laid back. However, because of the size, enterprise environments have a much longer life-cycle for IT assets. Upgrading hardware and software takes much longer because planning and rollout efforts are harder. It is fairly common for enterprises to have very old core systems in place. Examples are things like e-mail systems (exchange), databases, and internal business software. Despite their shortcoming regarding timely upgrades, enterprises usually enjoy nearly unlimited budgets. With such deep pockets enterprise IT environments usually have things like fully redundant networks, server clusters, storage replication, etc.
Vertical markets also impact the dynamics of an IT department. Highly specialized services like Search Engine Optimization (SEO) and other online businesses are going to be much different than a standard brick and mortar business. A software development company will obviously have more "software people" on their payroll. This would include positions like database administrators (DBA), software developers, and software engineers. There is still a requirement for infrastructure, so systems and network administrators are also included but in much lower numbers. IT staff numbers vary depending on the size of the company but should be fairly consistent in markets like construction, law firms, financial services, etc. Although, there are always exceptions to these rules.
Ownership and management is one the hardest things to deal with. Small business owners are usually so concerned with their bottom line they forget that technology can be a tool that increases productivity and efficiency. Some argue it can do the opposite (inter-office chat, facebook, etc). Believe it or not, there are still companies out there with the older generation in charge. These types of people are stuck in their ways and are nearly impossible to when trying to pitch new technology. This is becoming less of a problem as time goes on, but it does still exist. Another issue worth mentioning is management that plays the big brother and/or micro management approach. I have worked for and with several managers/owners who were more concerned about what all the employees were doing than the actual business itself. These types of managers will try to leverage every possible method to track employees. The following list contains examples. Some are obvious, some are not. I am dead serious about this. I was asked to configure/install all of these at one point in my career:
I will not explain the most obvious but some things listed here were flat out ridiculous. Hidden IP cameras were requested because the management wanted to view production areas because employees were spending too much time talking at cubicles. Through the use of telephone intercoms, I was requested to activate the speaker and record the input. Management was trying to catch people talking about other employees. Anti-porn software was requested at a religious investment firm. I thought that was an odd request considering the nature of the business. Keystroke recorders were once requested, but after explaining how they worked, the owner opted against it. I have also been asked to disable and/or even remove any VPNs because the owner wanted everyone to come into the office and did not believe they should be working at home. The debate over working from home could go both ways. The point here is that the owners/management requesting such actions had no other basis for the requests other than the suspicion of people wasting time. I have never met a business owner or been called into a meeting stating the business was loosing money and they needed to know why. It was simply a case mis-management priorities.
- Biometric time clocks
- Active-directory based time clocks
- Task time tracking
- Hidden IP cameras
- E-mail journaling
- Internet filtering
- Anti-porn software
- Keystroke recorders
- Cubical audio recorders
- Disable the entire VPN device
Another issue with owners/management is the conception that technology and people who run it are as useless as carbon paper. Some people (for whatever reason) just do not see the value of technology and what it brings the table. I have also noticed these types of people are also not the most savvy and their technical skills are limited to e-mail and word perfect. From a provider side, these are the hardest people to keep happy. I have come in to fix numerous disasters (created by the customer themselves) only to get little or no recognition and hassle about the bill. These are usually the companies who "shop for IT providers" a few times a year. They always claim they were unhappy with their last provider because they didn't do their job. When in fact, the real reason is nobody can make them happy. I have dealt with this situation countless times as a service provider, contracted employee, and full time employee. Both parties end up with a bad taste in their mouth and nobody ever wins.
Current IT infrastructure
Current IT infrastructure is always a factor. The use of propriety or unusual software always makes hiring more difficult. Certain technologies like Citrix, Linux, and SAP require very specific skills. This limits both the available jobs for employees, and available candidates for employers. While employees with such skills usually enjoy job security, it makes it that much harder to find a job that needs such skills if they are ever let go.
On another note, I have walked into all kinds of disasters over the years. Especially while on the service provider/consulting side. See the examples of complicated Linux environments. Disasters are usually a result of several things. First, a business owner who refused to spend any money on technology needs. Keyword there is needs. Second, a previous IT staff that had no clue what they were doing. Last, and even worse, no backups whatsoever except a tape system that actually had no useable data it. These scenarios usually happen in the small business sector. The "IT chop shops" I referred to earlier are simply small IT companies usually providing something like "managed services." Managed services are basically out sourced IT services that include desktop support, server management, backups, etc. These chop shops usually work by customers paying a monthly retainer. From my experience, these are small companies. Usually less than 10 people and they are starving for any piece of the pie they can get. It's a highly competitive market and is usually local. Since the provider has to drive to each customer and physically perform the services, they are limited to how much business they can actually do. If there is a complete disaster in the area (hurricane) there is no possible way they could service all their customers as they would need 1 person for every customer. By design, this is a poor business model and most of these companies never grow and slowly end up going under. I have also heard them called "trunk slammers."
IT Staff Members
It is fairly common to see some separation of groups within the IT department. This usually only occurs within larger departments. The extent of separation may vary from mild to unbearable. This can negatively affect the performance of the department and possibly the organization as a whole. A good example would be a separation between the software team and the infrastructure team. When two groups decide to separate or effectively isolate from each other communication breaks down. Poor communication is detrimental to the operation of technical resources. This often leads to finger pointing as the software team will blame the infrastructure team for problems, and vice versa.
This section is perhaps the most critical piece of this course. Dealing with IT staff as co-worker or supervisor can be one of the most difficult tasks. As previously mentioned, IT staff members are a different breed of intellectuals. Some express themselves in different ways such as wear all black, long beards, or funny t-shirts. We are generally defined by society as geeks, nerds, or weirdos. I am going to use systems administrators for the following examples. Systems administrators are smart people. If they are still in the IT field after 3-5 years they are good at what they do and know what it takes to get the job done. That being said, more than half of the systems administrators I have known or worked with are completely strange. They don't spend their money on the same things normal people do, they don't watch the same TV shows, and don't listen to the same music. Here I go doing the same thing by stereotyping, but the fact the stereotype exist means there is some truth to them. Of course there are always exceptions to the rule.
The point of the previous paragraph is that working with and supervising such people is a little different. You have to get to know them a little and once they understand you are generally interested they will be more responsive and generally easier to deal with. Here are some tips to dealing with IT staff members:
The number one pet peeve of any administrator is people who don't read what they are supposed to. Often times a systems administrator will send out an e-mail to the entire staff stating the system will be down for maintenance during the X time for X duration. This is a common practice and simple to understand. You would be surprised how many phone calls a sys admin receives during the previously announced window from people wondering why the e-mail is down. If your systems administrator sends instructions on how to setup your spam box in outlook, make sure you read it before asking questions.
This is a general rule of society but also applies to IT. Don't break the rules means don't break the rules. If member of the IT staff tells you not to do something, don't do it. I have seen countless disasters that could have been avoided had someone followed the rules.
Most IT staff members prefer e-mail and/or tickets. There are several reasons for this. First, there is a recorded request or comment that can be referred to. Second, e-mail is a more efficient way of communicating. A person can answer e-mail faster than phone calls. Third, technical details will need to be documented. There is nothing I hate more than someone calling and leaving a 6 minute message with things like dates, times, IP addresses, etc. It forces me to listen to the message multiple times and the record the information. IT staff should train their users to send requests with technical detail through e-mail. Of course if something is down or on fire, a phone is usually the quickest way. The point I am trying to make is that e-mail is the most efficient form of communication and therefore most administrators/IT staff prefer it.
- Read the documentation
- Do not break the rules
- Use e-mail
Now that we have covered the overview of IT departments, our focus will shift to policies and procedures.
Policies and Procedures
These can be a edged sword in IT. They exist to make things easier, but not following the policies and procedures can land you in hot water quickly. The following sections will discuss common policies and procedure used in IT departments. As usual, this is all real world information that I have used and/or experienced over the last 10+ years.
Every company has a policies and procedures handbook. It usually covers things like company holidays, business travel arrangements, payroll, etc. Most companies today include a section related to IT and require employees to accept it by signing and returning to HR. The following topics are a MUST for any company:
Personal equipment, with the exception of cell phones, should not be allowed. Personal laptops, thumb drives, projectors, and other equipment should be issued by the company. Laptops and thumb drives pose a significant risk to the company. Things like malware, viruses, and other malicious software may infect company owned assets. The use of personal equipment also increases the risk of company data which may be confidential in nature to become public or fall into the wrong hands. Cell phones are generally a re-reimbursed item. However, data plans now allow users to access e-mail these phones. This requires the use of a remote wipe feature. Should the employee leave the company or lose the phone, it can remotely be wiped of all sensitive data.
- Use of personal equipment
- Use of company equipment
- Internet policy
- E-mail policy
- Company data and intellectual property
- Copyrighted material
Company equipment should be limited to use for the company only. This does not mean children of the employees should be using it for their homework or to play games on. It should not be used in conjunction with any other business ventures.
Internet policy can differ depending on the company. At a minimum it should state that all Internet traffic is tracked and logged (even if it is not). Some companies may have legitimate reasons to access sensitive web sites such as social networks, adult sites, or things of that nature. If not, a clear outline of acceptable and non-acceptable sites should be included with examples of each.
E-mail policy should be stated similar to the Internet policy. It is for company use and not personal use. At a minimum it should be stated that all e-mail messages are tracked and logged (even if they are not). Any information contained in e-mail message is property of the company.
Company property includes both tangible and intangible items. Tangible items such as laptops, cell phones, air cards, VPN tokens, etc. should all be returned upon termination of employment. Intangible items include company data, logos, and other things specific to the company. Specific things considered company data (customer contacts, reports, etc.) should be covered by a separate non-disclosure or non-compete contract.
Copyrighted material is always a hot topic. The use of copy written material can pose threats or create a liability to the company. Software, music, and movies downloaded or copied to company equipment poses an initial threat. DMCA and copyright violations can and will be filed against companies.
Real World Examples
The following sections contain real world experiences I have encountered in my 10+ years working in the IT field.
I was contracted to replicate data from 2 clusters in different states. There was a DS3 between each site and since the data was not stored on a SAN, I had to configure replication using Microsoft DFS. As the replication started I monitored the progress and could see all the files that were being replicated. I noticed several files that were popular movie titles. After doing further investigation, I found that a particular user had almost 30GB of copyrighted content. I notified the IT director and told him excluding that particular folder; it will take much less time to replicate. Later that day I was told to exclude that folder because the employee had been let go. Apparently, this was not the first time that particular employee had been warned. He was required to sign a document stating he would not use company equipment for personal use including the download of copy written material. This was clearly a violation that agreement.
When providing services such as dedicated servers or other network services, you always hope customers are honest. Every now and then a customer will use a dedicated server for something other than they claimed. I configured a dedicated Linux server for a customer who claimed they were shopping cart hosting. About 3 days after turning the server over to the customer, I received several DMCA complaints. DMCA complaints are generated by companies that are hired by film producers like Warner Bros, Pixar, etc. These DMCA complaints are filed when the 3rd party records IP addresses associated with illegal downloads of copywritten material.
As you may know, I have worked in IT for over 10 years in various positions from full time systems administrator to independent service provider. In both cases, I have needed to send documentation to users providing information on how to configure something. I will use setting up Microsoft Outlook with an Exchange server as an example. After doing this for so many years, I decided to create online documentation on the support site, AND a video tutorial demonstrating the same task. When new exchange accounts are created the links to each are sent to the end user. They are then supposed to follow the instructions to achieve their goal which is of course using Outlook. I cannot tell you how many times I have received a phone call or ticket stating "I need someone to setup my e-mail." I then responded with "use 1 of the 2 links included in the previous message to configure your Outlook." Next I would set the ticket to customer pending for the next 3 days. I generally found that after 1 or 2 days, they would simply give up because it was easier to follow my instructions then keep requesting support for something they can on their own. While this is not the best customer service, it really is not unreasonable for people to read or even watch a video.
In another situation, I sent a customer a video link for a different process. She quickly responded with "I tried doing the stuff in the video and it didn't work, can you please do this for me." I had a hunch she had not watched the video and was simply trying to take the lazy way out. I decided to try something new. I replied saying "I sent you the wrong link, please try this video instead." The link I sent her was not even a valid link. If she had clicked the link, she would have seen a 404 error, page cannot be displayed. Instead, she replied with, "that didn't work either, can you just call me and set this up." It is stunning how lazy people have become today.
Since I live in Orlando, FL, I eventually did some consulting work for The Walt Disney Company. During my contracted time, (almost 3 months) I worked with various departments such as IT, retail, and finance. My scope of work was to consult on a large rollout of retail software. Previously, they were operating on an old system written in-house nearly 10 years ago. The new system was based modern database software with hooks to things like retail, inventory management, etc. Walt Disney is a great example of the enterprise. At the time I was told they had over 140,000 employees worldwide.
The IT requirements were so large Disney out sourced the helpdesk function to an external company. The administration of servers and networks was still performed by in-house Disney employed IT staff. The retail department had their own "retail systems administrators" that were employees of the retail department. Being employees of the retail department and not IT, they had no administrative privileges to any IT assets. That did not make much sense as they were not able to do anything more than a normal retail employee. During the course of my work there, myself and several other consultants suggested a few minor changes made to their database tables. We were quickly informed that the process of making this change would require a change order process that would need the input of every department directly and indirectly involved. It was estimated the task would take 4-6 weeks and possibly longer because certain managers required to sign off were on vacation. The change we requested was completely transparent and we felt was blown out of proportion. Once the project was complete most consultants left to seek other projects.
Right out of college I worked at a mortgage company with 25 employees. Before my departure, the company had grown to 75+ employees. Needless to say I didn't have much to work with. The "servers" they had were basically desktops with a pirate copy of Windows 2000 Advanced Server. Most of the IT equipment was purchased from and/or configured from "IT chop shops." The less resources and lower budget, the harder IT's job becomes. There were some basic things I needed and insisted they purchased right away. Mainly, backup software and some USB drives to go along with it. Previously, they were using the built-in Windows backup software and were manually running backups to tapes at the end of the day. I spent a solid 3 months trying to explain to management that IT was an investment not just an expense. The e-mail system was a standard POP3 hosted by a friend of the company and went down constantly. The company went through an expansion and I was able to lobby for some real servers along with licensing for Exchange. My original statement about wearing many hats was nothing short of the truth. My official title was "systems administrator." My primary responsibility included:
Another pitfall to working with a smaller company is the level of employees that hired. Large corporations usually hire employees from other large companies. Such employees are used to working with Exchange, VPNs, and other modern technology used in the enterprise. Smaller companies tend to hire less experienced employees who have worked for companies of similar size. This required me to "train" these employees on how to use the tools to do their jobs. Needless to say it wasn't my favorite part of the job and I always ended up providing the same training over and over again to the same group of employees. Another hat I was forced to wear was generating reports. Nobody else in the office was technical enough to use macros in Microsoft Excel. The flagship mortgage software they used required data to be exported to Excel and manipulated. I eventually made myself "too busy" to complete these reports and was eventually relieved of such duty.
- All desktops/laptops
- Cell phones/blackberries
- Active directory/VPN accounts
- Intranet updates
- Network equipment/air cards
- Training/report generation
My tenure at that company lasted 3 years and I had landed a job at a webhosting company. I grew board doing the same things over and over again. After several years I realized I wasn't going to get anything more from the company. I was the only IT guy and had no position to be promoted to. I choose a webhosting company because I missed working with Linux and knew it would be great experience.
NOTE: this form DOES NOT e-mail this article, it sends feedback to the author.