What Would You Demand From Your IT Department?

ZombieLine asks: "The IT department at my company (approximately some 500 people) is showing signs of incompetence, and has been ignoring knowledgeable user input for about a year. Additionally, they haven't been able to sell needed changes to senior management. Unacceptable server down time, maxed network storage, and no backups systems have hit the bottom line, and those on top are starting to notice. We users are staging a revolt to make IT more responsive to users by creating a group from the company divisions and IT to discuss needs and solutions. What would you put in our charter?" What services and responsibilities would you demand out of your IT department?

What would you demand from your IT users?

[Anonymous Coward]

ZombieMime asks: "The non-IT employees at my company (approximately some 5,000,000,000 people) are showing signs of incompetence, and have been ignoring knowledgeable technology input for about a year. Additionally, they haven't been able to accept needed changes to senior management. Unacceptable computer usage, maxed bandwidth usage, and no common sense have hit the bottom line, and those on top are starting to notice. We geeks are staging a revolt to make users more responsable to IT by creating a group from the company divisions to discuss needs and solutions. What would you put in our meeting room to kill as many people as possible?"

From the non-tech perspective

[Dukeofshadows (607689)]

As a non-technical person with enough engineering friends to get to this site and have an iota of what might be reasonable to expect from IT professionals, here's my list of expectations:

-Security of data: obviously no data is *absolutely* secure if the computer is connected to the net, but enough security that I could feasibly work with medical records and HIPPA-privledged information without constantly worrying about crackers. For those of you who don't know what HIPPA is, imagine a very protective law about patient confidentiality that can result in serious jail time if it is violated.

-Continual access (within reason): If there are natural disasters, power outages, or personal emergencies, then certainly one can't reasonably expect 24-hr access. At almost any other time, however, I'd like to be able to turn a computer on at the workplace and not worry about downtime or have to call someone to fix the system (as my colleagues and I do now).

-Work ethic: Nothing pisses me off more than lazy people, especially those who try to use technobabble to hide incompetence. If there is work to be done, then I'd like to dial up the local expert/employee and know that the problem will be fixed *quickly* and efficiently. Certainly there will be problems that require more time than others and nothing runs smoothly all the time, but no one should have to brook crap from employees who pad schedules. If there are problems, say so and at least *try* to explain them, don't go into geekspeak/technical language in hopes that I don't understand and give up and let them go back to (insert game here).

-Keeping me informed of new tech without trying to be a salesman: Not every new upgrade is worth getting and keeping up with the Joneses can be prohibitively expensive. Sure, new tech is very cool and I'd like a wireless device to use around my office to tie labs/patient data together, but that doesn't mean it's worth constantly annoying the boss for tech upgrades

-Honesty: Don't overcharge me or bend/stretch/break the truth with me. Medical professionals *seem* to be a prime target for fleecing among computer folks and I've heard horror stories about people paying several times market rate for upgrade and basic tech services. If you work for me, please be honest about all systems or equipment. If I've made a poor decision and there's new data, say so. If there's a better program/hardware setup out there and I'm not familiar with it or am being blindsided by the saleswoman, make mention of it. I don't have the time or patience to micromanage, if your job is technical material than I rely on your expertise and expect to be able to trust you and your decisions.

That shouldn't be too much to ask and is what I will expect of any technical employees I'd hire once I graduate and get a practice up and running a few years from now.

Re:From the non-tech perspective

[GuyverDH (232921)]

- Security: How much of that data gets into hard copy that end-users leave lying around their cubicles, or is displayed on screen when users get up and walk away from their desks without *locking* their systems. How many people *share* userids and passwords so that they can login as each other *just in case* they forget their own passwords, or someone else can do their work for them.
Security is a two edged sword... To increase security - you the end user get the following. All traffic is encrypted. All fields that display sensitive information are invisible, unless you move the mouse pointer over it, and click (hold the click to see the info). All screen savers are locked on blank screen (no user customizable fancy dancy screen savers) - and set at 1 Minute, maximum - no user ability to change / reset this. All user systems have USB disabled, no cdrom drive, no floppy drive. All passwords must be a minimum of 8 characters long, have at least 2 numerics, 2 symbols, 2 capital letters and 2 lower case letters. Zero repeat characters, and no character can be used in the same position more than once in 16 months. Passwords must be reset every 28 days - no exceptions. All users must pass basic computer literacy / ability tests. You fail the test, you're fired. Internet access is restricted to Intranet and *approved* work related internet sites. Usage is monitored, and reviewed by supervisors monthly. Users must face the entrance to their work environment, with their monitors facing away from the entrance. Spot checks will be done to see if anyone has passwords written down, if they do - they're shit-canned. Anyone caught sharing / using someone else's password is fired - no questions asked. Supervisors caught logged in as one of their employees are also shit-canned. Supervisors have the ability to review their people's work, without logging in as the user.
- Continual access - Users get as much access as the business areas are willing to provide. IE - Continuous access costs money. Get the IT areas the money, they will get you the access. Clustered servers with snap-shot capable databases / filesystems are not cheap. Nor are the test servers needed to allow for full regression testing of each patch / update for every system in the office. All of these things must be provided for to get you your *full time access*.
- Work Ethic - Nothing *PISSES* me off more than lazy end users who say "can't you just?" or
"quick question" - especially when I've already answered the question 15 times previously. Nothing is ever as *simple* as you think it is. With today's systems that are interconnected at levels previously not even dreamed of - taking that simple table offline so you can *refresh* the data, causes 13 other business areas to sit idle until that data is made available again.
- Keeping you informed - While not every new technology is great, there are sooo many new technologies that *could* make your life easier, if only you could get over this *fear of change* you seem to have. Change is good - without it, we'd all be dead.
-Honesty: I've never stretched the truth, nor have I overcharged. However, the reverse is also true - don't ask questions like - "Honestly now, isn't it *physically* possible to do x/y/z?" Even when it's physically possible to do something you want, doesn't mean it's the right / correct / intelligent thing to do. Since it's our job to be technical, and *know* these things, let us do our jobs - without butting in with your inane prattling.
Remember - as a computer analyst, we are expected to be right 100% of the time, and aren't allowed to *experiment*. As a doctor, you are expected to be right 100% of the time - however, with computers if the *patient* dies - nothing but information is lost.

Re:From the non-tech perspective

[jbolden (176878)]

No one is going to use this password scheme they are too hard. You don't use passwords. They really aren't secure, you need a "something you have, something you know, something you are". For the "are" control access to the machines. For the password use a have and the password changes in a scheduled way every-time its used. Then for know use something much harder than a phrase
-- what was the name of that cute girl in 3rd grade?
-- what was your favorite restaurant in high school
-- What do you get mom for her birthday

The same question doesn't get reused for 180 days or so.

I Love Stupid Users

[inKubus (199753)]

I come from a long helpdesk background and am now a senior developer at a mid-sized company. Unlike most of you nerds there's one thing I enjoy more than "being right" and that's "being lazy." That's why I love stupid users. I loved having a job where the biggest problem I faced in a day was telling a user to turn their monitor on. Or turn their capslock off. The worst job I EVER had was working with some very bright and very motivated individuals who were not geeks but were extremely competent in everything they did. The one thing they didn't know well was computers, and in that business you didn't need to know computers to make a crapload of money. But because they were all so brilliant, every little thing was nitpicked. Everything had to be done now now now. There were no easy problems and every day I was challenged to learn and perfectly perform something that I'd never done before with technology. There was always some shit on the line: huge fines from regulatory institutions, huge investments of money, hundreds of employees counting on your work. If the worst you have to deal with is someone dumber than you, you have it made. Make friends with your users, treat them like people, and soon you'll be in middle management, making bad decisions for a big salary.

Re:From the non-tech perspective

[Pig Hogger (10379)]

All passwords must be a minimum of 8 characters long, have at least 2 numerics, 2 symbols, 2 capital letters and 2 lower case letters. Zero repeat characters, and no character can be used in the same position more than once in 16 months. Passwords must be reset every 28 days - no exceptions.

Shhhh! Shhhh!!! Hear!

(cricket sounds)

Congratulations: this is the new empty office after everyone was fired for not being able to follow this terminally assinine password policy.

Re:From the non-tech perspective

[TheRaven64 (641858)]

I recall another organisation that had a similar policy. Their policy was that you were not allowed to have the a wheel in their cryptographic system in the same place on two consecutive days, and you were not allowed to have the all same wheels in the machine two days in a row (i.e. you had to replace at least one wheel and re-order the others). Something else that could have been described as policy, but was really an part of the machine's original design, was that no letter could map to itself in any configuration. The cryptographic engine was called Enigma, and the organisation that came up with this policy was the Third Reich. Now, I'm skirting dangerously close to Godwin's Law here, but I will continue.

At the same time, a bright young English mathematician named Alan Turing came into possession of this knowledge. He realised that these rules dramatically reduced the number of possible cyphertexts for any given plaintext (and vice versa), making the search space much smaller than it would otherwise have been. As a result of this, he and his colleagues were able to crack the encryption with the primitive computers available at the time.

Arbitrary restrictions on passwords are not sensible. Do not allow dictionary words and trivial permutations of them, since they can be cracked by a simple method, but any further restrictions only serve to narrow the search space for an attacker. The scheme listed means that most passwords will have two upper case letters, two lower case, two symbols and two numbers. This is an almost trivial subset of the number of possible eight character combinations of letters, numbers and symbols.

In summary, whoever came up this this policy is an idiot both for social and mathematical reasons. They should, therefor, not be allowed to interact with either humans or computers.

Re:how to remember a secure password?

[LordLucless (582312)]

No, the password criteria given above SUCK. 8 characters, 2 lower, 2 upper, 2 numeric, 2 symbol. There's too much information given away in the security policy about the composition of the password. Whereas a normal 8-character password would have around 90 possibilities for each letter, in this case, each character would have a maximum of around 26 possibilities - even less for some because numerics only have 10 possibilities. You really cut your password space down with overly-restrictive policies.

Of course, hard-to-crack passwords only matter in cases where it would be feasible for someone to try and brute-force the system without being detected and locked out. That's generally only possible against targets like encrypted files, not live system logins.

The only thing that is going to let people in to live targets via the normal user login (ie: Not through a bug/hole/exploit) is either easy-to-guess passwords (like spouse name, dog name, birthdate, etc - dictionary words are not necessarily easy to guess unless there would be some reason an attacker would be likely to guess the word) or through the user disclosing their password in some manner.

Of the two, user disclosure is more likely. Even with an easy-to-guess password, it's unlikely even a knowledgable attacker would be able to guess it in few enough tries not to set off any lockouts the system may have. In any case, you don't need to go to such a draconian level to prevent easy-to-guess passwords. Require two non-alphabetic characters in non-adjacent positions in the password, and you're pretty much safe.

The most likely route for password compromise is user disclosure, and there is no technical way to protect against that except for relying on additional, non-password security measures (keycards, biometrics, etc). You could try educating your users, but like that's going to work.

Re:how to remember a secure password?

[penix1 (722987)]

"When the Nachi/Welshia worm got on our network we had to disable that rule. It tried account passwords so rapidly; every account that had a strong password and it couldn't get into, would get locked every 30 minutes. We couldn't unlock them fast enough."

You just illustrated what the users have been complaining about. Instead of cleaning your systems of the worm you are running around unlocking accounts. Leave them locked until you get the flipping worm off your systems THEN unlock those accounts. It isn't rocket science folks...

B.

Re:how to remember a secure password?

[Mateito (746185)]

Thats because they are auditors and don't have a clue about security. Security is 95% psychology, and 5% technology.

A user password policy that is too restrictive means users will never remember them, and end up doing things like writing them on post-it notes and sticking them on the monitor.

A better solution is have easy-to-remember passwords (though not trivial passwords such as "password", the login name or "1234567890") and put in a 3-strikes-you-are-out rule and a hierachical user access policy - "need to know". Remember - 80% of attacks come from within. Don't trust your users.

Naturally, the root/Admin passwords for servers containing critical business data and de-encryption keys are long, complicated, regularly changed then written down and placed in an envelope in the corporate fireproof safe, along with the weekly backup tapes.

Re:3 months

[ErikZ (55491)]

28 days! Pshaw! You're just *inviting* the bad guys into your system if you follow such a lax plan.

Every day should start out with changing your passwords. You may have to hire a few more people who's job is to reset forgotten passwords, but when you have to do it constantly it shouldn't take more than a minute per person.

Of course, if the bad guys learn that everyone changes their password in the morning, it wouldn't take much effort to be in the right place at the right time and get unrestricted access to the systems for 24 hours.
So you'll want to back this up with some sort of bio-identity methods. Fingerprint identification, retina scans, and instant DNA testing.

Some people say that these aren't secure enough, that someone can get fingerprints, a DNA sample, and a picture of your retina. There is an easy solution to this if you just think about it, the daily random mutation of all your employees before they change their password and give a DNA sample.

Anything less than the method outlined above simply isn't secure.

Re:From the non-tech perspective

[sphealey (2855)]

=== If there is work to be done, then I'd like to dial up the local expert/employee and know that the problem will be fixed *quickly* and efficiently. ===

Only the fire department and the Marine Corps keep enough people on standby to handle any problem presented to them immediately (and even the Marines are a bit tied up at the moment). Every other entity queues, prioritizes, and triages. Your IT department *could* maintain enough knowledgable experts to answer your difficult questions in depth whenever you picked up the phone - I once worked with one that did. That department lasted a little less than 2 years; once senior management figured out how much it was costing they terminated it and replaced it with an outsourcer at 1/3 the cost. 1/5 the level of service, but that was not senior management's concern (and perhaps rightly so).

sPh

Re:*quickly* is relative

[d'fim (132296)]

"As for checkwriting ability, good point, not something I'd considered off the top of my head."

Get used to unexpected consequences to your decisions, if you're going to run your own business. You MUST learn to think things through - i.e. "look before you leap". You have to do it as a doctor; so just remember to do it as a boss, too.

Today we rearranged our office. Impromptu - no planning - just "do it now" and "we'll figure it out as we go". Moving one row of cubicle dividers next to the wall meant that the power, phone, and data outlets along that wall were no longer accessible and the previously used outlets became too far away. Management said "no down time" and then had to accept down time for four production workstations while someone made a Home Depot run for extension cables - which, of course, are yet another kind of mistake. (Then there was a second run, as management had forgotten that power cables are not the only kind of cables . . .)

We needed to move our servers over by seven feet. "What do you have to take them down for? The cables will reach. We need our productivity!" So after sending everybody home when two of our 1-TB RAID volumes stopped communicating with the server, I got an earful from management about how we employees had bungled a "simple" rearrangement of the entire office. We employees also got blamed for "our" failure to plan!

I also got an extraordinarily polite ass-chewing from a Dell server tech about trying to physically move a running server with external RAIDs - and believe me, I did make it VERY clear to management that that move was NOT a good idea! We came very close to losing about 1.5-TB of data today; despite our backups the loss would still be hurting us months from now.

Hopefully you will do better.

Re:From the non-tech perspective

[cexshun (770970)]

As the sole IT employee in my mid-sized company, I understand your wants. However, perhaps you don't see that you're micro-managing a bit?

My bosses want to be kept informed at all times. However, trust me and let me do my job. When I fix something, don't ask me what was wrong or how I fixed it. I don't have time to explain to you what you learn in 2 semesters of network infrastructure classes. Just back off and you'll be surprised how much an IT person will get done. Sometimes you just have to accept, "It was a problem with the hosts file and it was throwing off sendmail" without probing into sendmail.mc theory. And as far as explaining it in non-techie terms, I can only dumb down SSH tunnels and the TCP/IP protocol so much before I want to jab myself in the eye with a spork. OK boss, it works likes this. A computer stands up and yells,"Hey Server!!!". All the computers here it, but only the server yells back, "Yeah, what do you want?"

As an example, my boss was on vacation in Florida. While he was gone, in 1 week, I was able to complete more projects to improve business and workflow then I previsouly had since the first of the year. You know why I was so non-productive? My bosses demanded a military-like work ethic, wanted to be constantly informed, wanted to triple check the line items on a budget request for a freakin tape drive, etc. Without him breathing over my shoulder and constantly asking me why I had a browser open(that better be work related!) and without having to explain to him why DNS is so important to an AD network, I was able to do what he was trying to 'motive' me to do, actual work!

And just because you don't see me doing anything doesn't mean I'm not busy. Sometimes I have to push myself away from my desk and 'space out' for a bit while I brainstorm what the heck is wrong with the httpd.conf file.

IT is a tough job. If people don't know you exist, that means you're doing a good job. Conversly, they get the impression that you don't do anything since you're out of sight/out of mind. And ever since I bought that Time Management for Systems Administrators(previsouly reviewed on slashdot), it seems I have become more productive while giving the illusion of doing less work.

Re:What would you demand from your IT users?

[shokk (187512)]

Dear ZombieLine,
Maybe your company, like most others, is drastically underfunding the IT department, expecting superhuman performance on less than shoe-string budgets, while every day demanding all new buzzword compliant services and ignoring IT requests for additional warm bodies. Not to mention the fact that you are using high maintenance Microsoft Outlook type services while surfing for pr0N and jam packing your mail server full of the latest Happy Fun Tentacle Rape Party videos that everyone is mailing around.

Unacceptable server downtime? Are you clustering critical services?

Bad backups? Chances are your company is very content with single tape drives that the sysadmins can swap tapes from rather than having a good tape library with enough licenses to cover all servers with a decent retention time.

Maxed network storage? Are you paying for more RAID disk shelves? Or are you still feeling brilliant telling your IT staff all about how "you can get an IDE 200GB drive for $50 at Staples, so why can't that be plugged into the EMC or NetApp fileserver?"

My recommendation: stop demanding Five 9's of service and stop expecting services to never reboot or need maintenance if you aren't going to fund it. Stop dicking around at being a business and spend money to make money. Otherwise, save everyone time and bend over to your competition now. You can recommend all the fantastic new upgrades and services, but if your company doesn't recognize the value of improved infrastructure services, and an educated staff, you don't deserve to stay in business and sooner or later Darwin will rear his ugly head.

Get your little posse of idiots together an ask senior management why they are refusing to fund the needed changes. You might be pleasantly surprised to find out that they have no friggin clue about how to manage IT. Or maybe you haven't been paying enough attention to quarterly financial reports to realize that your company is experiencing a classic symptom of the death spiral.

Oh, BTW, you're an asshole. You and your 2Live Crew can go fuck off.
Love,
Shokk

Re:What would you demand from your IT users?

[Anonymous Coward]

Pet Peeves:

Users who think the network drives are for their personal music, picture and video collections.

Re:What would you demand from your IT users?

[a55mnky (602203)]

Your ignorance of what is involved in supporting IT is showing.

Although the cost of the drives may have come down, there are other costs associated with adding another drive - that additional 1 meg of on line messages multiplied by X numbers of users needs to be monitored, maintained, backed up and made redundant ... and of course restored when somebody mistakenly deletes the wrong message.

Re:What would you demand from your IT users?

[Sinus0idal (546109)]

Indeed, I was going to say, I'd like the poster to show me a decent 200gb SCSI drive for $150. In fact, it would need to be in a RAID, so make that 2 or 3 200gb SCSI drives for $150.

Re:What would you demand from your IT users?

[DA-MAN (17442)]

I like anyone to show me a 200gb SCSI drive for any price. The only SCSI drives I have seen recently jumped right from 146GB to 300GB flavors.

I bought 20 of these 300gb scsi monsters. At 1500 bucks a pop!

They wanted to upgrade an aging 20 node Single Athlon MP Cluster. I told em it'd be cheaper to buy new hardware than to upgrade them to 2 cpu's, quadruple the ram and add 300gb scsi hard drives.

Originally = 1xAthlon MP 1800, 1 Gig Ram, 1x76gig HD
Upgraded = 2xAthlon MP 2800, 4 Gig Ram, 1x300gig HD & 1x76gig HD

They didn't believe me. . .

When these old, out of warranty machines, started having all failures (mobo/power supply) it was my fault! Try as I could, I couldn't get replacement parts. The legacy parts, ATXGES (Non-Standard) power supply and discontinued mobo were nowhere to be found. . .

The guy who posted this "ask slashdot" probably knows more about his local IT department than I do. All I can say is that I got a reputation very similar to the posters IT dept. Incapable of keeping servers up, yadda yadda yadda, even though I had made it clear that this was NOT the way to go. Just because IT is in charge of it, doesn't mean they created the mess. . .

Re:What would you demand from your IT users?

[shaitand (626655)]

"you have not seen how busy a competent IT technician is"

A competent IT technician has just enough time on his hands to learn new technology and retain sanity. A competent IT technician does not give users access to anything that could cause unpredictable consequences and makes sure that the systems they do have access to don't have problems in the first place.

An IT guy who is constantly running from place to place is the result of one (or more) of three things.

1. An understaffed department. Your IT guy is not working the floor in a retail outlet, if he's on his feet or crawled under a desk most of the day you need more IT guys.

2. An imcompetent IT guy (or IT decision maker causing IT guys to perform IT tasks incompetently). When IT is done properly there are not fires everywhere to put out.

3. Incompetent users. Incompetent users are the types who keep the IT guys busy fixing phantom problems, doing user training, or bug them with water cooler talk that fails to recognize that IT guys don't like people or talk. Your IT guy does not care to tell you about the cell phone or digital camera on the market.

Re:What would you demand from your IT users?

[rtphokie (518490)]

Horseshit! IT support IS about users and you'd better learn how to talk to them if you want to keep working in IT. RTFM as a response to stupid user questions will eventually get you your walking papers.

Wrong. Many supposed IT problems should actually be solved by HR with a good talking to about abuse of company resources and how that might limit your career.

Calling IT when you forget your password for the 5th time that month or with some dumb question because you are too lazy to crack open a manual is no better than stealing office supplies or equipment. It's all just stealing resources.

20% of the users create 80% of the work for IT.

Right On Brother Barron!!!

[eno2001 (527078)]

You give 'em hell!! Speaking as a user, I can say that I could put together an entire server room in a week using off the shelf parts from CompUSA and Best Buy. And it wouldn't cost the millions that most IT departments spend on those elitist devices like SCSI drives, ECC RAM, DLT tapes, Cisco Managed Switches and SANs. The first thing I'd do is build a big system based on the latest gaming system specs (since gamers push the technology envelope) and cram it with ten 300 gig SATA drives. That's 3 terabytes of storage (more than those piddly SANs!) and at a fraction of the cost. Then I'd make sure had a dual layer DVD burner in it for backups. That way WE could have full backups on really inexpensive mediums. When I saw the price of a DLT II tape on an IT invoice, I nearly flipped. They're TOO expensive!!!!1111!!! Then I'd throw Windows 2003 Server on the box to manage all this stuff in one place. A few Linksys or Netgear switches can start connecting the resst of the networks together and they'd be WAYYY cheaper than the highway robbery that Cisco foists on us through our IT elitists.

The workstations would be even easier. I'd buy everyone the $300 AMD specials with Windows XP Home. That way they'd be more familiar with the OS since they probably have XP Home at home too. Just plug them into the network and away they go. They can all get their IP address from the Linksys router like I do at home and then they're online easy as pie. Don't need to get out any stupid manuals to manage Cisco switches or anything like that. All the gobbledygook is just for elitist snobs. For restoring a PC if it gets hosed, I'd just use a copy of Ghost. Sometimes you can even get Ghost for free if you buy the right hard drive. Just hook up a laptop with Ghost to a PC using a USB cable and make an image to burn onto a DVD. The next time the PC needs to be revived, just grab the DVD from the pouch on the side of that box, pop it in the laptop and Ghost the other way around! Easy as pie and FAST too!!

In this day and age, what company with a competent IT staff does it's own e-mail? I've been trying to tell the folks in my IT department to ditch our mail server (some antiquated Unix based thing that nobody really likes) and just let everyone get Hotmail accounts. Now that GMail is around, that's an option too since they give you a pretty comfortably sized mail box as opposed to the meager offerings of the clueless IT staff. E-mail should be able to hold whatever I put into it no matter how much or how big. Period.

The voice over IP thing is easy too. Just buy a VOIP box from Linksys and get a Vonage account for every group of ten users you've got. You'll need multiple DSL lines to do it, but that would still be far cheaper than having one of those snobby PRI or T1 lines to carry your voice traffic. Speaking of which... why on earth is anyone using T1s and T3s these days? They're so costly and they don't perform anywhere near what I get on my cable modem at home. Just get cable modem and be done with it. Your users will thank you forever.

Barron, I'm glad you gave me a chance to get that out there. The users need to know the truth.

Re:What would you demand from your IT users?

[Trigun (685027)]

My pet peeve is being told what platforms to support, training budget spent on hardware, having to support a single server that needs to have 24/7 uptime built on commodity hardware, having end users think that a 250 gig hard drive for $150 is going to cut it as enterprise grade hardware, being pestered for every little thing that remotely has to do with IT, answering the exact same question over and over, even though you spent the time to put up a FAQ on it after the same person asked you the answer every damned day. I hate the fact that end users destroy their systems, lie about what websites they go to when you know exactly where they are going, what they are doing, what link they clicked on. I hate the fact that they decide to go to your supervisor before coming to you, and you get shit on because he has to break up his day and deal with an irate phone call because when you told the user that you were aware of the problem, and were working on it, and nothing has changed in the last five minutes, that was too much for them.

The big thing that you need to have a qualified IT department is an actual department. Put training schedules in place, and anyone who isn't performing due to a lack of technical knowledge should be first retrained. Make a gameplan for your business, and ensure that you ask the IT managers to attend the planning. Keep them in the loop, and make sure that you have the equipment to make the initiative happen. Make certain that there are proper procedures in place to handle issues, and the staff and resources to fix them.

from personal anecdotal experience

[yagu (721525)]

Your company may have IT problems if any of the following has happened recently:

• your company has right-sized the work force (could cause loss of corporate memory since right-sizing is usually code for age discrimination
• decided to become a [insert technology here] shop by executive fiat with no input from IT staff (could de-moralize IT staff, they're not going to care much if their input isn't being counted)
• changed the review process (more de-moralization -- they're (reviews) usually not changed in a positive way)
• eliminated bonuses
• implemented mandatory overtime (I've experienced this many times -- it's the best way to instill attitude in an IT organization)
• gotten a new CEO soon to loot your company and run (I experienced this... once I experienced a half million loss in options and 401K it was hard to like what my company had become when the CEO walked away with $500M)
• frozen pension benefits (ditto)
• cut back on medical coverages (ditto)
• implemented a required "certification" process for IT staff (gag)

There are many more -- these are just a few I've experienced that exclaimed "improved [insert your favorite trait/characteristic here]" and had mostly the opposite and unexpected (to decision makers) results.

(btw, your "500" count is listed after the mention of your company, it's not clear if you're talking about a company of 500 employees or a company for which it's IT segment comprises 500 employees...)

Was IT outsourced to EDS?

[argoff (142580)]

At one company I worked for, upper level managment (bypassing everybody behind the scenes) got into a very expensive long term IT outsourcing contract with EDS that required them to take over all IT opperations. (kickbacks anyone?)

Anyhow, what happened was that once EDS was locked in, they went off and hired a bunch of hamburger flippers and called them "Senor IT insert_speciality_here". While the existing IT staff tried their best to train them, the results were rather predictable. I've herd EDS has do

Re:Was IT outsourced to EDS?

[jbolden (176878)]

I bid against EDS on a contract. We were cooperating with IBM. We both agreed that the cost for the project would be 20x to implement we bid 30x. EDS came in at 8x.

BTW EDS has lost money on virtually every contract. I don't think its kickbacks they just underbid cost and then try and make it up on other charges.

No.. the answer lies within his dilemma

[beacher (82033)]

"Additionally, they haven't been able to sell needed changes to senior management."

Answers:

• Put senior management on the same file server and the downtrodden masses
• Put senior management on the same switch as the masses
• Put senior management on the same proxy server as the masses

When senior management feels the pain, they're likely to release the thumbscrews if they can. If they still don't respond, then you've identified your bottleneck.

-B

You missed a biggie- $$$

[badriram (699489)]

Was their BUDGET cut years ago, and never brought back up.

A lot of people I know tend to blame IT staff for lack of space, lack of bandwidth etc. when problem was that IT dept could not afford to purchase equipment to upgrade a service, and they just tend to use all the budget to maintain status quo. Trust me all IT folks out there LOVE to push out new technology, increase storage, better networks, and reduce helpdesk calls. But a lack of staffing and money can put a damper in the best of IT staff in the world.

ITIL

[Wanker (17907)]

The UK-based ITIL initiative describes in gory detail a collection of best practices that IT can follow to provide better service to their customers. They can do as much or as little of the whole program as they want, and it can even be driven from the outside by the user community if absolutely necessary. Obviously, if there's cooperation it works better, but if they roll their eyes at "another total quality management initiative" (which it's not) you can still use the terminology and methods and eventually drag them into it.

http://en.wikipedia.org/wiki/Information_Technolog y_Infrastructure_Library [wikipedia.org]
http://www.itil.co.uk/ [itil.co.uk]

Re:ITIL

[Anonymous Coward]

I have to post this one as AC, sorry.

The UK-based ITIL initiative describes in gory detail a collection of best practices that IT can follow to provide better service to their customers. They can do as much or as little of the whole program as they want, and it can even be driven from the outside by the user community if absolutely necessary. Obviously, if there's cooperation it works better, but if they roll their eyes at "another total quality management initiative" (which it's not) you can still use the terminology and methods and eventually drag them into it.

The company I work for decided to "implement" ITIL about five years ago. It has improved nothing, and has essentially just served as a different set of buzzwords for managers to use.

What it reminds me of is an article I read about the US military and its "transformational" thing a few years ago. Everyone and their mother was scrambling to claim that their pet project was a great example of a "transformational" weapon, even though they changed nothing about it.

Have you thought about...

[tekiegreg (674773)]

Outsourcing to someone else?

Seriously, if you're going to have a department of lazy, inefficient slugs, you might as well have them for cheaper :-)

In addition, the very threat might make your IT department shape up real quick...nothing like the threat of losing your job to light a fire under your butt and get working.

By the way raymondsimms@hotmail.com I'd be careful using fullnames around stuff like that. An IT guy at your company is probably checking the company database right now for names that match that...prepare for the vengeance of an IT Guy.

Re:Have you thought about...

[B3ryllium (571199)]

Ooh! Good idea. I'll check for him tomorrow when I get in to work.

First thing to demand - an SLA

[Olmy's Jart (156233)]

You need to map out your requirements and then formulate them into an SLA, a Service Level Agreement. Then get your management to agree to it and take it to the barganing table. Make it clear that this is what they (the IT department) will be measured and evaluated against. If they can't agree to it, then get them to counterproposal. But, what ever you do, get it in writing in the form of an SLA, with the bosses on board... The particulars about what services and what responses and what responsibilities you want from them are details that go into the SLA. Once you hash out the details, get them locked into that SLA, though...

3 easy steps

[dark404 (714846)]

Step 1: Find a Bofh
Step 2: Unleash the bofh into the IT department
Step 3: Rightly cower in fear and reverence of the new effective (and renamed!) Network & Systems department.

What are we starting with?

[Conception (212279)]

"Unacceptable server down time, maxed network storage, and no backups systems have hit the bottom line, and those on top are starting to notice."

I don't know your situation... but maybe more money is needed for people, equipment, etc etc. You can demand all you want, but if you don't pony up the resources... *shrugs* You get what you pay for.

Re:What are we starting with?

[Geekbot (641878)]

You can say that again. IT doesn't make money, they save money. The suits in power see that the IT department can be run cheaper with only x staff and x resources. Those that aren't getting their needs met need to be vocal and clear about the cost to the company, in both downtime and morale, when the system just doesn't work.

performance criteria, & resources to meet them

[Engineer Andy (761400)]

set down what is reasonable in terms of expectations (not more than "x" minutes of downtime during business hours every "y" weeks, scheduled downtime compared to unscheduled downtime. I would have thought that data storage would be part of your record keeping requirements for your Quality management system, just as the system should spell out how you should be filing your correspondence, verifying your work, and all the other mundane bits of Quality in a business

I think that if your IT team have been beaten into submission by a tight-fisted upper management, they may well know that things are not as they should be, but know that no matter how hard they push, upper managemtn wont do anything until it becomes a crisis. More of a sense of resignation, and coping from day to day rather than implementing the best practise they know that they should have

my old office had a server die and take down all the files for a day or so during business hours due to a faulty power supply. no hot swappable power supply on that server. They were continually running out of server space for files (not due to massive mp3 libraries sitting on the server either), which seemed mad to an end user who just wanted to know that things would be able to be saved.

They also had two email gateway servers (i'm not in IT so i may be using jargon incorrectly) and periodically one would fall over, and every other email would fall into a black hole, with no bounceback or indication your email wasn't lost. It got so bad that i would phone people when critical emails were coming through so i could be sure that they were receieved.

the firm I am with right now has a really good internal help desk system which quickly answers user queries, and the system is set up so well that you become oblivious as to the system because you can just get down to doing your work rather than worrying about how stable things are.

No Brainer

[moehoward (668736)]

This is beyond a no-brainer. I actually doubt the authenticity of the story based on how the real world works. Or maybe the poster is really in a 25 person company or something.

Anyway, here is how it works. Your department has IT needs. These needs are written down. The IT department has guaranteed services it provides. These are written down. Your department takes a budget "hit" to pay for an internal IT department. These are the givens.

Now, if IT does not provide services you NEED/REQUIRE (like backup, duh), then you go to the whomever is above both departments (COO, VP of division, president...) and you show the mismatch. This is not a complaint, just a reason why you are increasing your budget next year to get the services you need to succeed.

Of course, you are keeping a log of all incidents that are occurring and a log of down time and a log of costs to you as a result, etc.

Look, business people are not idiots. The 3 previous paragraphs I write above are beyond no-brainers. Why is this stuff so non-obvious to today's geeks??

Re:No Brainer

[MarcQuadra (129430)]

Not always so.

Where I work there's no chargebacks, no SLAs, and the accounting is very loose. Because there are no chargebacks, the IT department has to pay for all new technology out of pocket. We have to make a decision either to provide equipment OR to be able to service it. When a department wants something we have to take the defensive, even if it is the right tool for the job, because it comes out of OUR operating budget. IT ends up stagnating the company just to be able to maintain existing equipment

It sounds like your company has other issues...

[mrscott (548097)]

It sounds like your company has other issues beyond an unresponsive IT department. You indicated that IT has been unable to sell necessary changes to senior management. Are you positive that senior management agrees that changes are needed or that they actually understand the seriousness of the problem? You might find that IT feels that their hands have been tied and have nowhere else to go since senior management isn't helping them.

A group of users making "demands" of the IT department is somewhat inappropriate. Yes, the IT department exists to help users with their work, but their priorities are set by senior management. If you plan to create some kind of IT Steering Committee, I would recommend a few things: (1) Lose the attitude -- all you'll do is put the IT folks on the defensive (and remember, since you're not in their group, you may actually have NO idea what priorities have been laid out for them by senior management); (2) Get the blessing of senior management before you try this; (3) Make sure at least one or two high-level people attend your meetings and buy-in to what you talk about.

Treat the IT folks like human beings. They may have perfectly good reasons for dismissing what you consider reasonable ideas. Perhaps they're seriously understaffed so that great desktop Linux rollout one of your users is convinced is the right idea just doesn't pay off for them, for example.

This may be Senior Managements Fault

[baggins2002 (654972)]

--No Backup Systems
--No Storage Space
These sound like budget issues. Do you think that if the IT staff, just tries really hard or is competent that they can just create File Storage and Backup Systems out of thin air.

A user revolt? Good luck!

[winkydink (650484)]

"but when you go carrying pictures opf Chariman Mao, you ain't gonna make it with anyone, anyhow."

Do you think you workin some kind of democracy? End users, have no budgets and as such, little influence.

Also, all of the issue you describe are operations and not applications-related. Unfortunately, if the PHBs are getting what they want from the apps (reports, closing the books, sales info, etc...), then nobody will give two cents abouyt bad ops.

The people you need to convince about your issues are executive management in your departments. If you succeed in doing that and enough of them talk to the CEO, there's a good chance that the CIO will be asked to come up with a plan to turn things around. If not, then either you and your compatriots did a poor job of making yoru case, or executive management is happy with the status quo. If that's the case, and you're really fed up with it, your only recourse may be to look for a new job.

wait...

[marcello_dl (667940)]

I AM the IT department, you insensitive clod!

Attit00d...

[HermanAB (661181)]

First, I think you have to read a little booklet by Dale Carnegie: "How to make friends and influence people".

Making demands and staging revolts is only going to get *you* fired. It won't resolve any of the technical problems.

Who the hell is in charge?

[TrappedByMyself (861094)]

It's simple. Lazy people are in charge. The whole committee/suggestion bullshit will do nothing, because in the end lazy people will still be in charge. One thing I've found is that no amount of processes will make up for someone who doesn't want to work.

Gather your allies and information. Details about what is wrong, why it's bad for the company, and how to fix it. Demand an audience with whoever is the highest person in the company you can meet with, and lay it all out. To be brutally honest, someone needs to be fired over this. Make this suggestion. Don't necessarily pick who, but make it clear that the people running IT aren't getting the job done. People outside the IT department shouldn't have to draft the job requirements of the IT department. If they know what they're doing, they'll know what to do.

If you can't get upper management to take action, then either suck it up and deal with it, or leave.

Knowledgeable user input? Yeah Right...

[DnemoniX (31461)]

I am the IT Director for a smaller organization, about 300 total employees. Every little complaint you have there is something that I have seen a hundred times over regardless of the firm. Let me explain where you have started to go wrong here. First mistake, assuming incompetence, instead of researching the root cause of any service problems. It is easy to just say, "Well Bob over there is an idiot". When maybe Bob is following protocol that he didn't establish. Or that the IT resources are stretched to the breaking point.

Ignoring knowledgeable user input, ok that I have a huge problem with. Everyone in the IT community, programmers come to mind the most often, seem to think because they work in front of a pc all day that they know their ass from a hole in the ground when it comes to managing a network or a server farm. Sorry but that it the absolute truth. I have interviewed countless people for jobs in IT, well over 50% of them programmers trying to get Sysadmin positions. When asked specific questions about administrative tasks the answer is almost always the same. I know something about it but I have never implimented anything like that. Everyone wants to be an expert, trust me you aren't.

Unable to sell needed changes. Have you considered that management and accounting do not see the corporate finances in the same way that you do? Some changes are simply impossible to sell. Unless your corporate focus is in technology some of the upgrades needed to improve infrastructure will always be lacking. The exceptions tend to be when the powers that be are directly inconvenienced. But the IT Dept probably caters to them quicker than any other department so they do not see the need. They pick up the phone and Bob is right there, where as you submit a trouble ticket and you are lucky to see someone in 48 hours.

Starting a revolt? Wow you guys are arrogant. Plain and simple. What makes people think that they know another departments job better than they do? Much less "demanding" services. Just astounding. You efforts would be much better spent working with the IT department to figure out ways to get management to invest in more staff, more training and equipment upgrades. That benefits everyone, and doesn't just stroke your self-important little ego.

Re:Knowledgeable user input? Yeah Right...

[xTown (94562)]

I agree. Reading the phrase "knowledgeable user input" reminded me of two things from my own work experience at a school district in the upper midwest.

1. The elementary school teacher who INSISTED that we replace all of our 100+ NetWare servers with Windows NT 3.51 because...I swear..."NT does everything that NetWare doesn't do. You can have individual user accounts with home directories!" When I pointed out to him that we had that under NetWare, that our NetWare servers were rock-solid (which they were), and that the school district wouldn't be able to afford the hardware, software, and training to make the switch, he complained to my boss that not just I, but the whole IS department was incompetent.
2. The middle school teacher who...I swear...wrote a letter to my manager saying that the school district should ditch all of its "outdated" AS/400s and replace them with Macintoshes. No, I'm not making it up. Why make the switch? "32-bit is the future of computing." I will never forget that phrase.

I wonder how the OP and these two teachers would take it if the IT guys started telling them how to do their jobs? Shoot, I've read some books about teaching, so I must know how to do it, right? I can add and subtract, and that's all you need to be an accountant, right?

Incompetent...

[wvitXpert (769356)]

"The IT department at my company (approximately some 500 people) is showing signs of incompetence"


The IT department at my company is incompetent. But I work for the goverment, so I guess that's to be expected.

Amid the attacks, an answer

[obtuse (79208)]

You're getting your head handed to you here and it may seem unfair, but by asking the question the way you did you demonstrate that you have no clue about actual IT responsibilities. Thus, it's impossible to take your idea of "knowledgable user input" serioulsly, much less your diagnosis of IT incompetence. Your IT department may be incompetent, but you have demonstrated that you are in no position to judge at present.

The answer to your question? SLA or Service Level Agreement.

It is reasonable to ask management what you should expect from IT. Find out what the SLA is or help create one. This will be a lot of work. You will encounter resistance, for no more sinister reason than that is hard. Just make sure this SLA takes into account senior management's requirements of IT as well. Perhaps IT incompetence isn't the reason management isn't providing the needed upgrades. An SLA provides some metric for performance. If the SLA is unsatisfactory, that is a matter to be taken up after performance against it is measured, but what amounts to a formal job description is a reasonable starting point.

There's good literature on all of this, and it's easy to find if you are interested in improving IT in your organization, and not just playing Napoleon. If you'd rather just whine and make everything worse, ignore everyone here and stage your little petty revolt. It will be easier, but if management has a clue at all, this will be a career limiting move for you. Cynically, either way, the SLA is the starting point.

I don't deny that IT can be incompetent, but it is rare in my experience. It occured to me that you were a troll, posting here. Regardless, there are others who really think IT is incompent because of their own ignorance, who would benefit from gaining a little insight into what IT is about.

If I worked with you, I probably would tell you this in person, and tell you who might have more insight into the actual priorites set for IT. I've had plenty of similar conversations with people over the years. It's just another part of the usual perception problem for IT.

Re:Common Occurence

[poot_rootbeer (188613)]

Our IT department has been downsized and now it is almost impossible to get assistance

O RLY?

Maybe this should have been a wake-up call to the bozos with pointy hair that they actually NEEDED all the headcount that used to be on payroll.