Jeff StokesMicrosoft Field Engineer, GBS

Crouching Tiger, Hidden UserThoughts on the IT process and the human impact of same.

The lock down vs the smack down

Why corporate users sometimes resent their IT departments

How the IT Department sees itself

How the IT User Feels

The Case for Controls

• Security

• Audit

• WikiLeaks

Security

• Digital Rights Management• Anti-Virus• Mobile Device Management• Email Discovery• Remote Access Controls• Patching and Updates• Desktop Lockdowns/Branding

Audit

• Compliance

• Change Control

• Enforcement

Wikileaks/Breaches

• Public Image/Reputation

• Legal Liability

• Theft of IP/Monetary Assets

The Results of Extreme Controls

• BYOD

• Reduced Productivity

• Lower Morale/Trust Issues

BYOD

• In some ways, BYOD is the loss of respect and faith in the IT organization by its user base. Users feel they can be productive with own equipment rather than corporate assets.• Long Boot Times/Slow Performance• Frequent Crashes• Tight System Controls

• In other ways, BYOD is an empowerment of the user to ‘get things done’. In these cases, the “BYOD” could better be coined “PYOD” (pick your own device).

Reduced Productivity

• Usage of overly managed systems impede users from getting their work done.

• Change control and heavy audit processes slow innovation, creativity and organizational agility.

• Siloing creates team resentment and poor communication channels

Lower Morale/Trust Issues

• What is the cost of to the institution for an employee to walk?• To go to a competitor?

• For both of these, one must consider the cost of training a replacement, the cost of loss of institutional knowledge (why was a system setup a certain way 10 years ago?)

• What is the cost to an organization when teams break away and do their own thing because of operational inefficiencies or overbearing rules?

What to do?

Control but Trust

• Remember employees, from all divisions and teams, are in it to win it.

• Control lightly, trust heavily.

• Give people the opportunity to do the right thing.

• Trust their judgment, listen before reacting!

Data Protection, not User Restriction

• Use native OS capabilities to protect the ‘good stuff’• Digital Rights Management appropriately• Classify Data according to Impact and Importance

• Mobile Device Management for BYOD is Paramount here• Patch/Secure the end point devices• Complex Passwords and Security Enforcement that is Reasonable

• Extranet Access, what is needed to do the job, control the floodgate of information here.

Empower and Enable

• The primary task of IT is to use changing technology to improve business productivity. Do not lose sight of this.

• Give the users good tools to achieve results. Take feedback on what their view of ‘good tools’ means vs what IT’s view is. Invest in training.

• Remove blockers to employees and teams, make sure they can get their job done. Remove barriers between orgs. Why reinvent the wheel?

Adapt and Change

• Create feedback loops in the environment. System monitoring, alerting for performance, SLA breach, etc. But more importantly, survey the business heavily. And Listen to the results.

• Be ready to be wrong. Be comfortable to admit mistakes. Nothing stymie's innovation and action more than fear.

• Readiness and training are paramount. Change with the times, more so, innovate with the times.

And more importantly

• Have fun. More time in life is spent working than anything else. Do what you love. Love what you do.

• Remember, “if nothing ever breaks, IT isn’t innovating to improve business productivity”

• A system that worked great 10 years ago, does not a great system today make.