What Would You Demand From Your IT Department?

ZombieLine asks: "The IT department at my company (approximately some 500 people) is showing signs of incompetence, and has been ignoring knowledgeable user input for about a year. Additionally, they haven't been able to sell needed changes to senior management. Unacceptable server down time, maxed network storage, and no backups systems have hit the bottom line, and those on top are starting to notice. We users are staging a revolt to make IT more responsive to users by creating a group from the company divisions and IT to discuss needs and solutions. What would you put in our charter?" What services and responsibilities would you demand out of your IT department?

What would you demand from your IT users?

ZombieMime asks: "The non-IT employees at my company (approximately some 5,000,000,000 people) are showing signs of incompetence, and have been ignoring knowledgeable technology input for about a year. Additionally, they haven't been able to accept needed changes to senior management. Unacceptable computer usage, maxed bandwidth usage, and no common sense have hit the bottom line, and those on top are starting to notice. We geeks are staging a revolt to make users more responsable to IT by creating a group from the company divisions to discuss needs and solutions. What would you put in our meeting room to kill as many people as possible?"

From the non-tech perspective

As a non-technical person with enough engineering friends to get to this site and have an iota of what might be reasonable to expect from IT professionals, here's my list of expectations:

-Security of data: obviously no data is *absolutely* secure if the computer is connected to the net, but enough security that I could feasibly work with medical records and HIPPA-privledged information without constantly worrying about crackers. For those of you who don't know what HIPPA is, imagine a very protective law about patient confidentiality that can result in serious jail time if it is violated.

-Continual access (within reason): If there are natural disasters, power outages, or personal emergencies, then certainly one can't reasonably expect 24-hr access. At almost any other time, however, I'd like to be able to turn a computer on at the workplace and not worry about downtime or have to call someone to fix the system (as my colleagues and I do now).

-Work ethic: Nothing pisses me off more than lazy people, especially those who try to use technobabble to hide incompetence. If there is work to be done, then I'd like to dial up the local expert/employee and know that the problem will be fixed *quickly* and efficiently. Certainly there will be problems that require more time than others and nothing runs smoothly all the time, but no one should have to brook crap from employees who pad schedules. If there are problems, say so and at least *try* to explain them, don't go into geekspeak/technical language in hopes that I don't understand and give up and let them go back to (insert game here).

-Keeping me informed of new tech without trying to be a salesman: Not every new upgrade is worth getting and keeping up with the Joneses can be prohibitively expensive. Sure, new tech is very cool and I'd like a wireless device to use around my office to tie labs/patient data together, but that doesn't mean it's worth constantly annoying the boss for tech upgrades

-Honesty: Don't overcharge me or bend/stretch/break the truth with me. Medical professionals *seem* to be a prime target for fleecing among computer folks and I've heard horror stories about people paying several times market rate for upgrade and basic tech services. If you work for me, please be honest about all systems or equipment. If I've made a poor decision and there's new data, say so. If there's a better program/hardware setup out there and I'm not familiar with it or am being blindsided by the saleswoman, make mention of it. I don't have the time or patience to micromanage, if your job is technical material than I rely on your expertise and expect to be able to trust you and your decisions.

That shouldn't be too much to ask and is what I will expect of any technical employees I'd hire once I graduate and get a practice up and running a few years from now.

Re:From the non-tech perspective

- Security: How much of that data gets into hard copy that end-users leave lying around their cubicles, or is displayed on screen when users get up and walk away from their desks without *locking* their systems. How many people *share* userids and passwords so that they can login as each other *just in case* they forget their own passwords, or someone else can do their work for them.
Security is a two edged sword... To increase security - you the end user get the following. All traffic is encrypted. All fields that display sensitive information are invisible, unless you move the mouse pointer over it, and click (hold the click to see the info). All screen savers are locked on blank screen (no user customizable fancy dancy screen savers) - and set at 1 Minute, maximum - no user ability to change / reset this. All user systems have USB disabled, no cdrom drive, no floppy drive. All passwords must be a minimum of 8 characters long, have at least 2 numerics, 2 symbols, 2 capital letters and 2 lower case letters. Zero repeat characters, and no character can be used in the same position more than once in 16 months. Passwords must be reset every 28 days - no exceptions. All users must pass basic computer literacy / ability tests. You fail the test, you're fired. Internet access is restricted to Intranet and *approved* work related internet sites. Usage is monitored, and reviewed by supervisors monthly. Users must face the entrance to their work environment, with their monitors facing away from the entrance. Spot checks will be done to see if anyone has passwords written down, if they do - they're shit-canned. Anyone caught sharing / using someone else's password is fired - no questions asked. Supervisors caught logged in as one of their employees are also shit-canned. Supervisors have the ability to review their people's work, without logging in as the user.
- Continual access - Users get as much access as the business areas are willing to provide. IE - Continuous access costs money. Get the IT areas the money, they will get you the access. Clustered servers with snap-shot capable databases / filesystems are not cheap. Nor are the test servers needed to allow for full regression testing of each patch / update for every system in the office. All of these things must be provided for to get you your *full time access*.
- Work Ethic - Nothing *PISSES* me off more than lazy end users who say "can't you just?" or
"quick question" - especially when I've already answered the question 15 times previously. Nothing is ever as *simple* as you think it is. With today's systems that are interconnected at levels previously not even dreamed of - taking that simple table offline so you can *refresh* the data, causes 13 other business areas to sit idle until that data is made available again.
- Keeping you informed - While not every new technology is great, there are sooo many new technologies that *could* make your life easier, if only you could get over this *fear of change* you seem to have. Change is good - without it, we'd all be dead.
-Honesty: I've never stretched the truth, nor have I overcharged. However, the reverse is also true - don't ask questions like - "Honestly now, isn't it *physically* possible to do x/y/z?" Even when it's physically possible to do something you want, doesn't mean it's the right / correct / intelligent thing to do. Since it's our job to be technical, and *know* these things, let us do our jobs - without butting in with your inane prattling.
Remember - as a computer analyst, we are expected to be right 100% of the time, and aren't allowed to *experiment*. As a doctor, you are expected to be right 100% of the time - however, with computers if the *patient* dies - nothing but information is lost.

Re:how to remember a secure password?

No, the password criteria given above SUCK. 8 characters, 2 lower, 2 upper, 2 numeric, 2 symbol. There's too much information given away in the security policy about the composition of the password. Whereas a normal 8-character password would have around 90 possibilities for each letter, in this case, each character would have a maximum of around 26 possibilities - even less for some because numerics only have 10 possibilities. You really cut your password space down with overly-restrictive policies.

Of course, hard-to-crack passwords only matter in cases where it would be feasible for someone to try and brute-force the system without being detected and locked out. That's generally only possible against targets like encrypted files, not live system logins.

The only thing that is going to let people in to live targets via the normal user login (ie: Not through a bug/hole/exploit) is either easy-to-guess passwords (like spouse name, dog name, birthdate, etc - dictionary words are not necessarily easy to guess unless there would be some reason an attacker would be likely to guess the word) or through the user disclosing their password in some manner.

Of the two, user disclosure is more likely. Even with an easy-to-guess password, it's unlikely even a knowledgable attacker would be able to guess it in few enough tries not to set off any lockouts the system may have. In any case, you don't need to go to such a draconian level to prevent easy-to-guess passwords. Require two non-alphabetic characters in non-adjacent positions in the password, and you're pretty much safe.

The most likely route for password compromise is user disclosure, and there is no technical way to protect against that except for relying on additional, non-password security measures (keycards, biometrics, etc). You could try educating your users, but like that's going to work.

Re:how to remember a secure password?

"When the Nachi/Welshia worm got on our network we had to disable that rule. It tried account passwords so rapidly; every account that had a strong password and it couldn't get into, would get locked every 30 minutes. We couldn't unlock them fast enough."

You just illustrated what the users have been complaining about. Instead of cleaning your systems of the worm you are running around unlocking accounts. Leave them locked until you get the flipping worm off your systems THEN unlock those accounts. It isn't rocket science folks...

B.

Re:how to remember a secure password?

Thats because they are auditors and don't have a clue about security. Security is 95% psychology, and 5% technology.

A user password policy that is too restrictive means users will never remember them, and end up doing things like writing them on post-it notes and sticking them on the monitor.

A better solution is have easy-to-remember passwords (though not trivial passwords such as "password", the login name or "1234567890") and put in a 3-strikes-you-are-out rule and a hierachical user access policy - "need to know". Remember - 80% of attacks come from within. Don't trust your users.

Naturally, the root/Admin passwords for servers containing critical business data and de-encryption keys are long, complicated, regularly changed then written down and placed in an envelope in the corporate fireproof safe, along with the weekly backup tapes.

Re:3 months

28 days! Pshaw! You're just *inviting* the bad guys into your system if you follow such a lax plan.

Every day should start out with changing your passwords. You may have to hire a few more people who's job is to reset forgotten passwords, but when you have to do it constantly it shouldn't take more than a minute per person.

Of course, if the bad guys learn that everyone changes their password in the morning, it wouldn't take much effort to be in the right place at the right time and get unrestricted access to the systems for 24 hours.
So you'll want to back this up with some sort of bio-identity methods. Fingerprint identification, retina scans, and instant DNA testing.

Some people say that these aren't secure enough, that someone can get fingerprints, a DNA sample, and a picture of your retina. There is an easy solution to this if you just think about it, the daily random mutation of all your employees before they change their password and give a DNA sample.

Anything less than the method outlined above simply isn't secure.

Re:From the non-tech perspective

No one is going to use this password scheme they are too hard. You don't use passwords. They really aren't secure, you need a "something you have, something you know, something you are". For the "are" control access to the machines. For the password use a have and the password changes in a scheduled way every-time its used. Then for know use something much harder than a phrase
-- what was the name of that cute girl in 3rd grade?
-- what was your favorite restaurant in high school
-- What do you get mom for her birthday

The same question doesn't get reused for 180 days or so.

I Love Stupid Users

I come from a long helpdesk background and am now a senior developer at a mid-sized company. Unlike most of you nerds there's one thing I enjoy more than "being right" and that's "being lazy." That's why I love stupid users. I loved having a job where the biggest problem I faced in a day was telling a user to turn their monitor on. Or turn their capslock off. The worst job I EVER had was working with some very bright and very motivated individuals who were not geeks but were extremely competent in everything they did. The one thing they didn't know well was computers, and in that business you didn't need to know computers to make a crapload of money. But because they were all so brilliant, every little thing was nitpicked. Everything had to be done now now now. There were no easy problems and every day I was challenged to learn and perfectly perform something that I'd never done before with technology. There was always some shit on the line: huge fines from regulatory institutions, huge investments of money, hundreds of employees counting on your work. If the worst you have to deal with is someone dumber than you, you have it made. Make friends with your users, treat them like people, and soon you'll be in middle management, making bad decisions for a big salary.

Re:From the non-tech perspective

All passwords must be a minimum of 8 characters long, have at least 2 numerics, 2 symbols, 2 capital letters and 2 lower case letters. Zero repeat characters, and no character can be used in the same position more than once in 16 months. Passwords must be reset every 28 days - no exceptions.

Shhhh! Shhhh!!! Hear!

(cricket sounds)

Congratulations: this is the new empty office after everyone was fired for not being able to follow this terminally assinine password policy.

Re:From the non-tech perspective

I recall another organisation that had a similar policy. Their policy was that you were not allowed to have the a wheel in their cryptographic system in the same place on two consecutive days, and you were not allowed to have the all same wheels in the machine two days in a row (i.e. you had to replace at least one wheel and re-order the others). Something else that could have been described as policy, but was really an part of the machine's original design, was that no letter could map to itself in any configuration. The cryptographic engine was called Enigma, and the organisation that came up with this policy was the Third Reich. Now, I'm skirting dangerously close to Godwin's Law here, but I will continue.

At the same time, a bright young English mathematician named Alan Turing came into possession of this knowledge. He realised that these rules dramatically reduced the number of possible cyphertexts for any given plaintext (and vice versa), making the search space much smaller than it would otherwise have been. As a result of this, he and his colleagues were able to crack the encryption with the primitive computers available at the time.

Arbitrary restrictions on passwords are not sensible. Do not allow dictionary words and trivial permutations of them, since they can be cracked by a simple method, but any further restrictions only serve to narrow the search space for an attacker. The scheme listed means that most passwords will have two upper case letters, two lower case, two symbols and two numbers. This is an almost trivial subset of the number of possible eight character combinations of letters, numbers and symbols.

In summary, whoever came up this this policy is an idiot both for social and mathematical reasons. They should, therefor, not be allowed to interact with either humans or computers.

Re:From the non-tech perspective

=== If there is work to be done, then I'd like to dial up the local expert/employee and know that the problem will be fixed *quickly* and efficiently. ===

Only the fire department and the Marine Corps keep enough people on standby to handle any problem presented to them immediately (and even the Marines are a bit tied up at the moment). Every other entity queues, prioritizes, and triages. Your IT department *could* maintain enough knowledgable experts to answer your difficult questions in depth whenever you picked up the phone - I once worked with one that did. That department lasted a little less than 2 years; once senior management figured out how much it was costing they terminated it and replaced it with an outsourcer at 1/3 the cost. 1/5 the level of service, but that was not senior management's concern (and perhaps rightly so).

sPh

Re:*quickly* is relative

"As for checkwriting ability, good point, not something I'd considered off the top of my head."

Get used to unexpected consequences to your decisions, if you're going to run your own business. You MUST learn to think things through - i.e. "look before you leap". You have to do it as a doctor; so just remember to do it as a boss, too.

Today we rearranged our office. Impromptu - no planning - just "do it now" and "we'll figure it out as we go". Moving one row of cubicle dividers next to the wall meant that the power, phone, and data outlets along that wall were no longer accessible and the previously used outlets became too far away. Management said "no down time" and then had to accept down time for four production workstations while someone made a Home Depot run for extension cables - which, of course, are yet another kind of mistake. (Then there was a second run, as management had forgotten that power cables are not the only kind of cables . . .)

We needed to move our servers over by seven feet. "What do you have to take them down for? The cables will reach. We need our productivity!" So after sending everybody home when two of our 1-TB RAID volumes stopped communicating with the server, I got an earful from management about how we employees had bungled a "simple" rearrangement of the entire office. We employees also got blamed for "our" failure to plan!

I also got an extraordinarily polite ass-chewing from a Dell server tech about trying to physically move a running server with external RAIDs - and believe me, I did make it VERY clear to management that that move was NOT a good idea! We came very close to losing about 1.5-TB of data today; despite our backups the loss would still be hurting us months from now.

Hopefully you will do better.

Re:From the non-tech perspective

As the sole IT employee in my mid-sized company, I understand your wants. However, perhaps you don't see that you're micro-managing a bit?

My bosses want to be kept informed at all times. However, trust me and let me do my job. When I fix something, don't ask me what was wrong or how I fixed it. I don't have time to explain to you what you learn in 2 semesters of network infrastructure classes. Just back off and you'll be surprised how much an IT person will get done. Sometimes you just have to accept, "It was a problem with the hosts file and it was throwing off sendmail" without probing into sendmail.mc theory. And as far as explaining it in non-techie terms, I can only dumb down SSH tunnels and the TCP/IP protocol so much before I want to jab myself in the eye with a spork. OK boss, it works likes this. A computer stands up and yells,"Hey Server!!!". All the computers here it, but only the server yells back, "Yeah, what do you want?"

As an example, my boss was on vacation in Florida. While he was gone, in 1 week, I was able to complete more projects to improve business and workflow then I previsouly had since the first of the year. You know why I was so non-productive? My bosses demanded a military-like work ethic, wanted to be constantly informed, wanted to triple check the line items on a budget request for a freakin tape drive, etc. Without him breathing over my shoulder and constantly asking me why I had a browser open(that better be work related!) and without having to explain to him why DNS is so important to an AD network, I was able to do what he was trying to 'motive' me to do, actual work!

And just because you don't see me doing anything doesn't mean I'm not busy. Sometimes I have to push myself away from my desk and 'space out' for a bit while I brainstorm what the heck is wrong with the httpd.conf file.

IT is a tough job. If people don't know you exist, that means you're doing a good job. Conversly, they get the impression that you don't do anything since you're out of sight/out of mind. And ever since I bought that Time Management for Systems Administrators(previsouly reviewed on slashdot), it seems I have become more productive while giving the illusion of doing less work.

Re:What would you demand from your IT users?

Dear ZombieLine,
Maybe your company, like most others, is drastically underfunding the IT department, expecting superhuman performance on less than shoe-string budgets, while every day demanding all new buzzword compliant services and ignoring IT requests for additional warm bodies. Not to mention the fact that you are using high maintenance Microsoft Outlook type services while surfing for pr0N and jam packing your mail server full of the latest Happy Fun Tentacle Rape Party videos that everyone is mailing around.

Unacceptable server downtime? Are you clustering critical services?

Bad backups? Chances are your company is very content with single tape drives that the sysadmins can swap tapes from rather than having a good tape library with enough licenses to cover all servers with a decent retention time.

Maxed network storage? Are you paying for more RAID disk shelves? Or are you still feeling brilliant telling your IT staff all about how "you can get an IDE 200GB drive for $50 at Staples, so why can't that be plugged into the EMC or NetApp fileserver?"

My recommendation: stop demanding Five 9's of service and stop expecting services to never reboot or need maintenance if you aren't going to fund it. Stop dicking around at being a business and spend money to make money. Otherwise, save everyone time and bend over to your competition now. You can recommend all the fantastic new upgrades and services, but if your company doesn't recognize the value of improved infrastructure services, and an educated staff, you don't deserve to stay in business and sooner or later Darwin will rear his ugly head.

Get your little posse of idiots together an ask senior management why they are refusing to fund the needed changes. You might be pleasantly surprised to find out that they have no friggin clue about how to manage IT. Or maybe you haven't been paying enough attention to quarterly financial reports to realize that your company is experiencing a classic symptom of the death spiral.

Oh, BTW, you're an asshole. You and your 2Live Crew can go fuck off.
Love,
Shokk

Re:What would you demand from your IT users?

My pet peeve is being told what platforms to support, training budget spent on hardware, having to support a single server that needs to have 24/7 uptime built on commodity hardware, having end users think that a 250 gig hard drive for $150 is going to cut it as enterprise grade hardware, being pestered for every little thing that remotely has to do with IT, answering the exact same question over and over, even though you spent the time to put up a FAQ on it after the same person asked you the answer every damned day. I hate the fact that end users destroy their systems, lie about what websites they go to when you know exactly where they are going, what they are doing, what link they clicked on. I hate the fact that they decide to go to your supervisor before coming to you, and you get shit on because he has to break up his day and deal with an irate phone call because when you told the user that you were aware of the problem, and were working on it, and nothing has changed in the last five minutes, that was too much for them.

The big thing that you need to have a qualified IT department is an actual department. Put training schedules in place, and anyone who isn't performing due to a lack of technical knowledge should be first retrained. Make a gameplan for your business, and ensure that you ask the IT managers to attend the planning. Keep them in the loop, and make sure that you have the equipment to make the initiative happen. Make certain that there are proper procedures in place to handle issues, and the staff and resources to fix them.

Re:What would you demand from your IT users?

I like anyone to show me a 200gb SCSI drive for any price. The only SCSI drives I have seen recently jumped right from 146GB to 300GB flavors.

I bought 20 of these 300gb scsi monsters. At 1500 bucks a pop!

They wanted to upgrade an aging 20 node Single Athlon MP Cluster. I told em it'd be cheaper to buy new hardware than to upgrade them to 2 cpu's, quadruple the ram and add 300gb scsi hard drives.

Originally = 1xAthlon MP 1800, 1 Gig Ram, 1x76gig HD
Upgraded = 2xAthlon MP 2800, 4 Gig Ram, 1x300gig HD & 1x76gig HD

They didn't believe me. . .

When these old, out of warranty machines, started having all failures (mobo/power supply) it was my fault! Try as I could, I couldn't get replacement parts. The legacy parts, ATXGES (Non-Standard) power supply and discontinued mobo were nowhere to be found. . .

The guy who posted this "ask slashdot" probably knows more about his local IT department than I do. All I can say is that I got a reputation very similar to the posters IT dept. Incapable of keeping servers up, yadda yadda yadda, even though I had made it clear that this was NOT the way to go. Just because IT is in charge of it, doesn't mean they created the mess. . .

Re:What would you demand from your IT users?

"you have not seen how busy a competent IT technician is"

A competent IT technician has just enough time on his hands to learn new technology and retain sanity. A competent IT technician does not give users access to anything that could cause unpredictable consequences and makes sure that the systems they do have access to don't have problems in the first place.

An IT guy who is constantly running from place to place is the result of one (or more) of three things.

1. An understaffed department. Your IT guy is not working the floor in a retail outlet, if he's on his feet or crawled under a desk most of the day you need more IT guys.

2. An imcompetent IT guy (or IT decision maker causing IT guys to perform IT tasks incompetently). When IT is done properly there are not fires everywhere to put out.

3. Incompetent users. Incompetent users are the types who keep the IT guys busy fixing phantom problems, doing user training, or bug them with water cooler talk that fails to recognize that IT guys don't like people or talk. Your IT guy does not care to tell you about the cell phone or digital camera on the market.

Re:What would you demand from your IT users?

Horseshit! IT support IS about users and you'd better learn how to talk to them if you want to keep working in IT. RTFM as a response to stupid user questions will eventually get you your walking papers.

Wrong. Many supposed IT problems should actually be solved by HR with a good talking to about abuse of company resources and how that might limit your career.

Calling IT when you forget your password for the 5th time that month or with some dumb question because you are too lazy to crack open a manual is no better than stealing office supplies or equipment. It's all just stealing resources.

20% of the users create 80% of the work for IT.

Right On Brother Barron!!!

You give 'em hell!! Speaking as a user, I can say that I could put together an entire server room in a week using off the shelf parts from CompUSA and Best Buy. And it wouldn't cost the millions that most IT departments spend on those elitist devices like SCSI drives, ECC RAM, DLT tapes, Cisco Managed Switches and SANs. The first thing I'd do is build a big system based on the latest gaming system specs (since gamers push the technology envelope) and cram it with ten 300 gig SATA drives. That's 3 terabytes of storage (more than those piddly SANs!) and at a fraction of the cost. Then I'd make sure had a dual layer DVD burner in it for backups. That way WE could have full backups on really inexpensive mediums. When I saw the price of a DLT II tape on an IT invoice, I nearly flipped. They're TOO expensive!!!!1111!!! Then I'd throw Windows 2003 Server on the box to manage all this stuff in one place. A few Linksys or Netgear switches can start connecting the resst of the networks together and they'd be WAYYY cheaper than the highway robbery that Cisco foists on us through our IT elitists.

The workstations would be even easier. I'd buy everyone the $300 AMD specials with Windows XP Home. That way they'd be more familiar with the OS since they probably have XP Home at home too. Just plug them into the network and away they go. They can all get their IP address from the Linksys router like I do at home and then they're online easy as pie. Don't need to get out any stupid manuals to manage Cisco switches or anything like that. All the gobbledygook is just for elitist snobs. For restoring a PC if it gets hosed, I'd just use a copy of Ghost. Sometimes you can even get Ghost for free if you buy the right hard drive. Just hook up a laptop with Ghost to a PC using a USB cable and make an image to burn onto a DVD. The next time the PC needs to be revived, just grab the DVD from the pouch on the side of that box, pop it in the laptop and Ghost the other way around! Easy as pie and FAST too!!

In this day and age, what company with a competent IT staff does it's own e-mail? I've been trying to tell the folks in my IT department to ditch our mail server (some antiquated Unix based thing that nobody really likes) and just let everyone get Hotmail accounts. Now that GMail is around, that's an option too since they give you a pretty comfortably sized mail box as opposed to the meager offerings of the clueless IT staff. E-mail should be able to hold whatever I put into it no matter how much or how big. Period.

The voice over IP thing is easy too. Just buy a VOIP box from Linksys and get a Vonage account for every group of ten users you've got. You'll need multiple DSL lines to do it, but that would still be far cheaper than having one of those snobby PRI or T1 lines to carry your voice traffic. Speaking of which... why on earth is anyone using T1s and T3s these days? They're so costly and they don't perform anywhere near what I get on my cable modem at home. Just get cable modem and be done with it. Your users will thank you forever.

Barron, I'm glad you gave me a chance to get that out there. The users need to know the truth.

from personal anecdotal experience

Your company may have IT problems if any of the following has happened recently:

• your company has right-sized the work force (could cause loss of corporate memory since right-sizing is usually code for age discrimination
• decided to become a [insert technology here] shop by executive fiat with no input from IT staff (could de-moralize IT staff, they're not going to care much if their input isn't being counted)
• changed the review process (more de-moralization -- they're (reviews) usually not changed in a positive way)
• eliminated bonuses
• implemented mandatory overtime (I've experienced this many times -- it's the best way to instill attitude in an IT organization)
• gotten a new CEO soon to loot your company and run (I experienced this... once I experienced a half million loss in options and 401K it was hard to like what my company had become when the CEO walked away with $500M)
• frozen pension benefits (ditto)
• cut back on medical coverages (ditto)
• implemented a required "certification" process for IT staff (gag)

There are many more -- these are just a few I've experienced that exclaimed "improved [insert your favorite trait/characteristic here]" and had mostly the opposite and unexpected (to decision makers) results.

(btw, your "500" count is listed after the mention of your company, it's not clear if you're talking about a company of 500 employees or a company for which it's IT segment comprises 500 employees...)

Re:Was IT outsourced to EDS?

I bid against EDS on a contract. We were cooperating with IBM. We both agreed that the cost for the project would be 20x to implement we bid 30x. EDS came in at 8x.

BTW EDS has lost money on virtually every contract. I don't think its kickbacks they just underbid cost and then try and make it up on other charges.

You missed a biggie- $$$

Was their BUDGET cut years ago, and never brought back up.

A lot of people I know tend to blame IT staff for lack of space, lack of bandwidth etc. when problem was that IT dept could not afford to purchase equipment to upgrade a service, and they just tend to use all the budget to maintain status quo. Trust me all IT folks out there LOVE to push out new technology, increase storage, better networks, and reduce helpdesk calls. But a lack of staffing and money can put a damper in the best of IT staff in the world.

ITIL

The UK-based ITIL initiative describes in gory detail a collection of best practices that IT can follow to provide better service to their customers. They can do as much or as little of the whole program as they want, and it can even be driven from the outside by the user community if absolutely necessary. Obviously, if there's cooperation it works better, but if they roll their eyes at "another total quality management initiative" (which it's not) you can still use the terminology and methods and eventually drag them into it.

http://en.wikipedia.org/wiki/Information_Technolog y_Infrastructure_Library [wikipedia.org]
http://www.itil.co.uk/ [itil.co.uk]

Re:ITIL

I have to post this one as AC, sorry.

The UK-based ITIL initiative describes in gory detail a collection of best practices that IT can follow to provide better service to their customers. They can do as much or as little of the whole program as they want, and it can even be driven from the outside by the user community if absolutely necessary. Obviously, if there's cooperation it works better, but if they roll their eyes at "another total quality management initiative" (which it's not) you can still use the terminology and methods and eventually drag them into it.

The company I work for decided to "implement" ITIL about five years ago. It has improved nothing, and has essentially just served as a different set of buzzwords for managers to use.

What it reminds me of is an article I read about the US military and its "transformational" thing a few years ago. Everyone and their mother was scrambling to claim that their pet project was a great example of a "transformational" weapon, even though they changed nothing about it.

Have you thought about...

Outsourcing to someone else?

Seriously, if you're going to have a department of lazy, inefficient slugs, you might as well have them for cheaper :-)

In addition, the very threat might make your IT department shape up real quick...nothing like the threat of losing your job to light a fire under your butt and get working.

By the way raymondsimms@hotmail.com I'd be careful using fullnames around stuff like that. An IT guy at your company is probably checking the company database right now for names that match that...prepare for the vengeance of an IT Guy.

Re:Have you thought about...

Ooh! Good idea. I'll check for him tomorrow when I get in to work.

First thing to demand - an SLA

You need to map out your requirements and then formulate them into an SLA, a Service Level Agreement. Then get your management to agree to it and take it to the barganing table. Make it clear that this is what they (the IT department) will be measured and evaluated against. If they can't agree to it, then get them to counterproposal. But, what ever you do, get it in writing in the form of an SLA, with the bosses on board... The particulars about what services and what responses and what responsibilities you want from them are details that go into the SLA. Once you hash out the details, get them locked into that SLA, though...

3 easy steps

Step 1: Find a Bofh
Step 2: Unleash the bofh into the IT department
Step 3: Rightly cower in fear and reverence of the new effective (and renamed!) Network & Systems department.

What are we starting with?

"Unacceptable server down time, maxed network storage, and no backups systems have hit the bottom line, and those on top are starting to notice."

I don't know your situation... but maybe more money is needed for people, equipment, etc etc. You can demand all you want, but if you don't pony up the resources... *shrugs* You get what you pay for.

performance criteria, & resources to meet them

set down what is reasonable in terms of expectations (not more than "x" minutes of downtime during business hours every "y" weeks, scheduled downtime compared to unscheduled downtime. I would have thought that data storage would be part of your record keeping requirements for your Quality management system, just as the system should spell out how you should be filing your correspondence, verifying your work, and all the other mundane bits of Quality in a business

I think that if your IT team have been beaten into submission by a tight-fisted upper management, they may well know that things are not as they should be, but know that no matter how hard they push, upper managemtn wont do anything until it becomes a crisis. More of a sense of resignation, and coping from day to day rather than implementing the best practise they know that they should have

my old office had a server die and take down all the files for a day or so during business hours due to a faulty power supply. no hot swappable power supply on that server. They were continually running out of server space for files (not due to massive mp3 libraries sitting on the server either), which seemed mad to an end user who just wanted to know that things would be able to be saved.

They also had two email gateway servers (i'm not in IT so i may be using jargon incorrectly) and periodically one would fall over, and every other email would fall into a black hole, with no bounceback or indication your email wasn't lost. It got so bad that i would phone people when critical emails were coming through so i could be sure that they were receieved.

the firm I am with right now has a really good internal help desk system which quickly answers user queries, and the system is set up so well that you become oblivious as to the system because you can just get down to doing your work rather than worrying about how stable things are.

No Brainer

This is beyond a no-brainer. I actually doubt the authenticity of the story based on how the real world works. Or maybe the poster is really in a 25 person company or something.

Anyway, here is how it works. Your department has IT needs. These needs are written down. The IT department has guaranteed services it provides. These are written down. Your department takes a budget "hit" to pay for an internal IT department. These are the givens.

Now, if IT does not provide services you NEED/REQUIRE (like backup, duh), then you go to the whomever is above both departments (COO, VP of division, president...) and you show the mismatch. This is not a complaint, just a reason why you are increasing your budget next year to get the services you need to succeed.

Of course, you are keeping a log of all incidents that are occurring and a log of down time and a log of costs to you as a result, etc.

Look, business people are not idiots. The 3 previous paragraphs I write above are beyond no-brainers. Why is this stuff so non-obvious to today's geeks??

It sounds like your company has other issues...

It sounds like your company has other issues beyond an unresponsive IT department. You indicated that IT has been unable to sell necessary changes to senior management. Are you positive that senior management agrees that changes are needed or that they actually understand the seriousness of the problem? You might find that IT feels that their hands have been tied and have nowhere else to go since senior management isn't helping them.

A group of users making "demands" of the IT department is somewhat inappropriate. Yes, the IT department exists to help users with their work, but their priorities are set by senior management. If you plan to create some kind of IT Steering Committee, I would recommend a few things: (1) Lose the attitude -- all you'll do is put the IT folks on the defensive (and remember, since you're not in their group, you may actually have NO idea what priorities have been laid out for them by senior management); (2) Get the blessing of senior management before you try this; (3) Make sure at least one or two high-level people attend your meetings and buy-in to what you talk about.

Treat the IT folks like human beings. They may have perfectly good reasons for dismissing what you consider reasonable ideas. Perhaps they're seriously understaffed so that great desktop Linux rollout one of your users is convinced is the right idea just doesn't pay off for them, for example.

This may be Senior Managements Fault

--No Backup Systems
--No Storage Space
These sound like budget issues. Do you think that if the IT staff, just tries really hard or is competent that they can just create File Storage and Backup Systems out of thin air.

A user revolt? Good luck!

"but when you go carrying pictures opf Chariman Mao, you ain't gonna make it with anyone, anyhow."

Do you think you workin some kind of democracy? End users, have no budgets and as such, little influence.

Also, all of the issue you describe are operations and not applications-related. Unfortunately, if the PHBs are getting what they want from the apps (reports, closing the books, sales info, etc...), then nobody will give two cents abouyt bad ops.

The people you need to convince about your issues are executive management in your departments. If you succeed in doing that and enough of them talk to the CEO, there's a good chance that the CIO will be asked to come up with a plan to turn things around. If not, then either you and your compatriots did a poor job of making yoru case, or executive management is happy with the status quo. If that's the case, and you're really fed up with it, your only recourse may be to look for a new job.

wait...

I AM the IT department, you insensitive clod!

Attit00d...

First, I think you have to read a little booklet by Dale Carnegie: "How to make friends and influence people".

Making demands and staging revolts is only going to get *you* fired. It won't resolve any of the technical problems.

Who the hell is in charge?

It's simple. Lazy people are in charge. The whole committee/suggestion bullshit will do nothing, because in the end lazy people will still be in charge. One thing I've found is that no amount of processes will make up for someone who doesn't want to work.

Gather your allies and information. Details about what is wrong, why it's bad for the company, and how to fix it. Demand an audience with whoever is the highest person in the company you can meet with, and lay it all out. To be brutally honest, someone needs to be fired over this. Make this suggestion. Don't necessarily pick who, but make it clear that the people running IT aren't getting the job done. People outside the IT department shouldn't have to draft the job requirements of the IT department. If they know what they're doing, they'll know what to do.

If you can't get upper management to take action, then either suck it up and deal with it, or leave.

Knowledgeable user input? Yeah Right...

I am the IT Director for a smaller organization, about 300 total employees. Every little complaint you have there is something that I have seen a hundred times over regardless of the firm. Let me explain where you have started to go wrong here. First mistake, assuming incompetence, instead of researching the root cause of any service problems. It is easy to just say, "Well Bob over there is an idiot". When maybe Bob is following protocol that he didn't establish. Or that the IT resources are stretched to the breaking point.

Ignoring knowledgeable user input, ok that I have a huge problem with. Everyone in the IT community, programmers come to mind the most often, seem to think because they work in front of a pc all day that they know their ass from a hole in the ground when it comes to managing a network or a server farm. Sorry but that it the absolute truth. I have interviewed countless people for jobs in IT, well over 50% of them programmers trying to get Sysadmin positions. When asked specific questions about administrative tasks the answer is almost always the same. I know something about it but I have never implimented anything like that. Everyone wants to be an expert, trust me you aren't.

Unable to sell needed changes. Have you considered that management and accounting do not see the corporate finances in the same way that you do? Some changes are simply impossible to sell. Unless your corporate focus is in technology some of the upgrades needed to improve infrastructure will always be lacking. The exceptions tend to be when the powers that be are directly inconvenienced. But the IT Dept probably caters to them quicker than any other department so they do not see the need. They pick up the phone and Bob is right there, where as you submit a trouble ticket and you are lucky to see someone in 48 hours.

Starting a revolt? Wow you guys are arrogant. Plain and simple. What makes people think that they know another departments job better than they do? Much less "demanding" services. Just astounding. You efforts would be much better spent working with the IT department to figure out ways to get management to invest in more staff, more training and equipment upgrades. That benefits everyone, and doesn't just stroke your self-important little ego.

Re:Knowledgeable user input? Yeah Right...

I agree. Reading the phrase "knowledgeable user input" reminded me of two things from my own work experience at a school district in the upper midwest.

1. The elementary school teacher who INSISTED that we replace all of our 100+ NetWare servers with Windows NT 3.51 because...I swear..."NT does everything that NetWare doesn't do. You can have individual user accounts with home directories!" When I pointed out to him that we had that under NetWare, that our NetWare servers were rock-solid (which they were), and that the school district wouldn't be able to afford the hardware, software, and training to make the switch, he complained to my boss that not just I, but the whole IS department was incompetent.
2. The middle school teacher who...I swear...wrote a letter to my manager saying that the school district should ditch all of its "outdated" AS/400s and replace them with Macintoshes. No, I'm not making it up. Why make the switch? "32-bit is the future of computing." I will never forget that phrase.

I wonder how the OP and these two teachers would take it if the IT guys started telling them how to do their jobs? Shoot, I've read some books about teaching, so I must know how to do it, right? I can add and subtract, and that's all you need to be an accountant, right?

Incompetent...

"The IT department at my company (approximately some 500 people) is showing signs of incompetence"


The IT department at my company is incompetent. But I work for the goverment, so I guess that's to be expected.

IT managment advice from untrained geeks roxorz!

lets pull this little ditty to bits...
"The IT department at my company (approximately some 500 people) is showing signs of incompetence, and has been ignoring knowledgeable user input for about a year.
Hmmm...well lets get to that 'incompetence' thing a little later.
But as for "ignoring knowledgeable user input for about a year"...lemme see, you've been harping on about something for a year to the IT department?
Well, what is "knowledgeable user input" anyway? "At my old company we used to..." or "my friend who is an IT genius says..."
Seriously, if you have a suggestion, detail it and submit it to the IT manager and cc it to your manager.
Berating some poor schmuck when he comes to help you format a word doc is not an effective change management strategy!

Additionally, they haven't been able to sell needed changes to senior management.
LMAO...but somehow you and your band of IT-vigilantes is going to change the world? Good luck!
So IT ARE going to management with suggestions, but are getting knocked back?
So somehow you equate managements lack of willingness to resource your IT department to be a failure of the IT guys lack of bargaining skills...not a boneheaded lack of foresight on behalf of your management team?
Wow...tough crowd...

Unacceptable server down time, maxed network storage, and no backups systems have hit the bottom line, and those on top are starting to notice.
GOOD! Now "those on top" need to find the money they should spent on protecting their investment in the first place.
You do realise that IT guys dont just down servers for no reason, dont you? You probably do...or you think they do it on purpose just to piss you off.
And while you're sitting around moaning about how long it's taking for you to be able to get back onto /. because of server downtime, they're running around like headless chooks trying to patch up an obviously ailing (underfunded?) system.
From your comments so far, I'm assuming you are not one of the "knowledgeable user's" you mentioned before.

We users are staging a revolt to make IT more responsive to users by creating a group from the company divisions and IT to discuss needs and solutions.
Yeah, you go girl!
Nice of you to harass IT some more. After all they have nothing better to do than sit in on your moanapolooza.
Why not form your little revolt and march on the guys that will have to OK and pay for your demands...oh wait, lemme guess...'cause if you did you'd get your ass fired!
Face it, you dont want a solution or you would go to the people who can effect change. You want to vent. Well, you have...does that feel better?

What would you put in our charter? What services and responsibilities would you demand out of your IT department?
Well, first up...I'd want suitably qualified and trained professionals in charge of the decision making process.
And as your "knowledgeable user's" are neither...I'd demand that they get trained or STFU.
Then I'd demand that the reasons for management knocking back IT requests be made public.
Im hoping the moment management have to front staff and explain why there will be "no increase in storage" or "no funds for disaster recovery" will be one of those life changing events for you...when you realise IT budgets have to be approved or people (like you) wont get what they want, so that you then take the fight to those with the money and leave your nerds to get on with keeping your sad little network up and running.

If you really want to help your IT department effect a postive change, quit harrasing them and take your fight to the people at the top who are ultimately responsible.
Find the guys that sign's off on the IT budget and ask them why server space hasn't increased to meet demand.
Because the answer is either your IT department is siphoning off $$$ to day-trade with, or there was nothing budgeted to allow for it.

Business Analysis

A wise man once said: Whatever you don't understand, must be easy.

What I would suggest is to look at your IT Strategy. SLAs are useful for IT Management as a measure of how things are operating, just as is downtime, percentage usage, and costs of operations. Don't listen to anyone who suggest decentralization. We had some of that at my job. It is a nightmare. Incompatable "Best of Breed" systems and finger-pointing results. Costs rise quickly with decentralization too.

Sit down with your IT management. List out facts. Don't fingerpoint. Just say: we are lossing x amount of cash due to issues with our systems. Have use studies on how you do business. Have predicted growth forecasting on systems load. Have your internal controls (audit) department monitor the disaster recovery plans and get an outside consultant to look at those plans. Get your IT Management to see your issues. Get a data retention policy and remove that data once it is too old.

That said, realise that you might be the cause of the issues. How many years of journal entries do you really need? How much customization do you insist upon to make the systems work with your archaic business processes when you should be changing your business processes to work with the systems? How many times does your senior management hamstring IT's budget and capital improvements? Listen to what your IT Management says and if they have a compelling reason for something; then by God, give it to them.

They should work as a team

And if they can't work as a team, they should be fired and security should escort them from the building. And if security can't work as a team, then they should be fired as well.

I even love saying the word team. You probably think I have a picture of my family on my desk - it's not. It's the A-Team. Bodie, Doyle, Tiger, Jewellery Man. The whole lot of them.

Management is almost always to blame

I am an IT consultant, and I make my living cleaning up the mess left behind by incompetent IT staff and management.

Many times, an organization starts out small, and the most 'IT savvy' person in the office cobbles together a 'server' and 'network' from some old PCs and some network gear they bought from the office supply store on the corner. I arrive to find a Windows Workgroup (ugh) or poorly implemented Active Directory with a host of replication issues, orphaned objects and broken name resolution. Today I worked on a production network that was running their directory services, print queues and files shares off of a 120 day evaluation copy of Windows server!

There are usually local user accounts, local printers shared off of a workstation, no redundancy, broken or no backups, physical layer problems (bad wiring) and a host of other problems. Quick fixes that were implemented over the course of years are now recurring problems that suck up the majority of the IT staff's time.

These same kinds of problems can plague a large organization, albeit they may present as slightly different symptoms. The cause is always the same: inability of management to see the big picture. This lack of attention to detail starts with management and trickles down.

The way to fix this is to get upper management to recognize that there is a problem. Unfortunately, this often would require somebody to admit that they aren't doing their job. Good luck with that. 90% of the time I find that this type of wholesale cleanup and reengineering only happens during a regime change.

What I expect

I quote jobs on the basis of "bring my own computer" and the basic software for it. I expect the IT dept at the jobsite to provide:

1. Email access to the local system through something like IMAP or POP, but I'll settle for Lotus Notes in a pinch.
2. Network filesystem access for my workstation, either direct or VPN. No remote terminals! My software is needed to do my calculations, and if I can't store the files on "your network", then I'll store them on my hard drive and too bad for you.
3. Filesystem access from remote locations (home, other offices). I travel a lot and can't get much done if I'm limited to working in "their" office.

In return, I promise the customer:

1. To provide a PC with all relevant security patches installed, and virus protection enabled.
2. To use Client sanctioned applications where, in my professional opinion, they are capable of performing the tasks. This usually means Microsoft Office and usually means I get in a scrap with the IT guys when Excel is mandated for doing material balance [agdconsulting.ca] or matrix calculations [agdconsulting.ca] - both duties it is not suitable for. (Anybody able to explain to an IT dude what a Singular Matrix is and why it is not Invertible, in spite of what Excel does?)

-AD

Resolutions to your problems...

Generally, I've found that when you get a bunch of idiots in a room, not much useful happens. A lot gets said, a lot of plans get laid. Not a lot of real work gets done.

Generally speaking, the solution to incompetence is to fire people. Generally starting at the top, and replacing them with competent people. They will generally proceed with the firing. Meeting to discuss their lack of competence isn't going to help. It's generally a situation of the blind leading the blind (if you were really good at large scale IT, why don't you actually work there, short of previous experience, running a corporate network generally has little to do with personal experince on a home network. If it really is such a problem, you should apply for the job with seriously good incentive based pay). As someone who was one half of the IT departement (SA, programming, help desk, DBA duties) at a fast growing company that went from 10 to 150 people in about 4 years, I can assure that most users outside of IT have no idea what is easy, and what is hard. The number of stupid requests put in by "knowledgable users" was insane.

Lack of backups is a serious problem. However, you haven't described why. In my experience, it's a lack of budget or priority. Generally speaking, good backup units are one of the single most expensive pieces of equipment an IT place will purchase (backups generally scale with the type of IT equipment you buy, if you buy $10K servers, your buying $25K backup libraries. If you purchase $1K servers, you buy $2-4K tape drives. I've never been purchasing $100K+ computers, I'm not sure what type of tape solution they need). The next most common reason for no backups, is literally not enough hours in the day, or backups are such a tremendous strain on the production systems that they can't be run during business hours. Which means that they can't finish. I've seen a fully justified case of not making backups as it literally wasn't cost effective. We could have made backups, but just regenerating the data was far more cost effective. The hardware and software we needed just wasn't justifiable for the volume of data. Critical data we made backups of. The scads of other data we had that turned over regularly wasn't worth it. In the end, we ended up building a hot spare and kept short term online backups on it. Getting a tape unit capable of the storage requirements was too expensive. We generated about 1-2TB/hr, 99% of which would never ever be needed again and after two weeks it was so outdated it had no value. We processed the 1% upon being identified. So backing it up was just stupid. Unless a bug was found in the identification algorithm, then it was useful to have the other 99%. Generally, you just started with the oldest data still of use and processed it all again.

Lack of storage space, is generally attributable to users if users don't have a quota. Given a group of 2 people, at least one of them is a digital pack rat. I'd say given a group of 1, but I've seen a handful of non-pack rats. For the record, I'm a pack rat, but when I am good about cleaning up when disk space gets tight. In my experience, the solution to storage is to parcel it out by type of usage. 80% of the usages will have no problems. The others will use petabytes of storage if they are given access to it. At which point, it's strictly a budget issue and resolving the issue with the users. Generally speaking, near-line storage on CD or DVD that the user could burn themselves, or spooled for an IT professional to do was the solution. We did all CD's of data in triplicate. The original user got one, their supervisor got one, and the IT department held onto one. CD's go bad, and people tend to lose them, hence the three copies held by independent people. What is needed is an archival plan for moving data from online to offline, or deleting it.

Kirby

Speaking for the IT Dept.

First off. No they aren't idiots. Take the one line

Additionally, they haven't been able to sell needed changes to senior management.

Has it ever occured to you that the fact that things are working at all is a testiment to how hard the IT people are working. Do you have any idea how many systems they have in the data center that reached their predicted EOL 3 or 4 years ago, and the front office refuses to allow them to replace the system when the HDD fails because it looks better on the bottom line to spend 75 bucks on a cheap 40G drive instead of the 300G needed for expansion. Do you know how many times they've been forced to configure some dumb piece of crap software because end users had to have it to prove their manhood. Or even more importantly they had to have it because they are too dang lazy to move to a more secure product.
No it's easier as an end user to just sit back, and play both ends (Management and IT) against the middle. Perhaps just for once you and other end users could try working with us instead of against us. Just once try and understand that the easier we make your life the easier it makes ours and vice versa, meaning I'm not suggesting the change to bother you, I'm doing it to protect you.
My fear is that in your company, end users and management deserve each other. One group to bent on the right now bottom line. The other group bent on using IT as an excuse for not being able to meet unreasonable demands made by the same management that can't see past todays ink.
The first step in any situation like this is to ask yourself the question. What am I doing wrong. Stop trying to fix others problems before you bother to fix your own.

Amid the attacks, an answer

You're getting your head handed to you here and it may seem unfair, but by asking the question the way you did you demonstrate that you have no clue about actual IT responsibilities. Thus, it's impossible to take your idea of "knowledgable user input" serioulsly, much less your diagnosis of IT incompetence. Your IT department may be incompetent, but you have demonstrated that you are in no position to judge at present.

The answer to your question? SLA or Service Level Agreement.

It is reasonable to ask management what you should expect from IT. Find out what the SLA is or help create one. This will be a lot of work. You will encounter resistance, for no more sinister reason than that is hard. Just make sure this SLA takes into account senior management's requirements of IT as well. Perhaps IT incompetence isn't the reason management isn't providing the needed upgrades. An SLA provides some metric for performance. If the SLA is unsatisfactory, that is a matter to be taken up after performance against it is measured, but what amounts to a formal job description is a reasonable starting point.

There's good literature on all of this, and it's easy to find if you are interested in improving IT in your organization, and not just playing Napoleon. If you'd rather just whine and make everything worse, ignore everyone here and stage your little petty revolt. It will be easier, but if management has a clue at all, this will be a career limiting move for you. Cynically, either way, the SLA is the starting point.

I don't deny that IT can be incompetent, but it is rare in my experience. It occured to me that you were a troll, posting here. Regardless, there are others who really think IT is incompent because of their own ignorance, who would benefit from gaining a little insight into what IT is about.

If I worked with you, I probably would tell you this in person, and tell you who might have more insight into the actual priorites set for IT. I've had plenty of similar conversations with people over the years. It's just another part of the usual perception problem for IT.

A management problem - not a technical one

At all three companies where I've been an IT worker, there has been a common problem: managers who are generally good managers - good people skills, organizational skills, ability to look at the big picture - but who advertise their "technical ignorance" to anyone who will listen. They let the IT department and all other departments know that they will defer to the IT department on technical matters.

So, you end up with technical decisions that serve the people who deal with technology, as opposed to serving the users who are doing the main work of the company, or serving the company's goals as a whole.

I'm not sure what causes effective managers to decide to take a different approach to technical issues than they do with others, but I'm convinced that's the root cause of the sort of problem described by the poster.

I believe top management - and department managers, following their lead - should be pressing IT managers to break down technical issues to the point where they can make effective decisions. When the IT manager says "it will take 3 months to set up a new mail server" and the sales manager throws her hands in the air, their boss should sit down with the IT manager and make them explain what the factors are that will make it take that long. And if it's too technical and they don't understand, they should SAY so, and make the IT manager explain it again. Until they understand. Then, they should say things like "what would it take to do it in 1 month?" and by that time, they should be informed enough to reject bullshit answers like "we need another $75k employee."

"technical ignorance" is not an excuse, when you have people on staff who are capable of educating you. And IT workers who perpetuate the myth that it's "beyond a non-technical user's understanding" merely for their own convenience should be...fired.

If your management doesn't see things this way, there's probably not much you can do about the problem.