Twenty years ago the most intimidating person in a company was the person with the key to the stationery cupboard. They’d query why you wanted two pens instead of one, complain about how quickly you were going through your notebooks (as if documenting less would be better) and positively sniffed at you if you needed pens and notebooks at the same time especially if you were a new start.
The grumpy sod in charge of the stationery has been replaced with the IT Bully. They still hold the keys to productivity but they actively attempt to stymie you, or so it would seem.
They don’t enable
The more functionality you have, the more the IT Bully has to manage. This can be simple (like preventing the user from changing his desktop background) to complex (hiding the Connections tab in Internet Options so not only can you not change the proxy setting but you can’t even view them – should you need to, for example, attach to a different network or try and get a machine working on your current network) to inane (setting up all of the machines on the LAN to talk to a Time Server in order to keep the clocks in sync – but that clock is not only 10 minutes fast, you’re also blocked from changing it manually).
They don’t care about your work
It’s not their work. Their world is all wrapped up in WINS, Active Directory, Forests, DOMAINS, Policies and Profiles. The ports they use are tied up in Windows-specific services, MAPI, their own monitoring ports. They don’t consider that you may need to access services in high order ports, use IMAP/POP3 services outside the LAN, connect using SSH/SFTP or any number of other possibilities.
For example, changing the firewall and proxy settings over the weekend and not telling the client which means that anything they have added to the network stops working on Monday morning. The event which inspires this rant involved exactly that – a forced change which we were not informed about, when queried, was initially denied and then responded to with aggressive language designed to intimidate.
They exploit fear, uncertainty and doubt
This serves to intimidate the non-technical using language like “I’m sure you can all appreciate the importance to retain the highest level of security feasible…” or “I’m sure you understand the need to maintain the need for review of security on the ICT systems and the importance of authorisation to open service ports to the Internet” while stripping us of essential services or denying us products and services which might actually make our job easier. Sadly things haven’t changed – they don’t like it if you want to use a Mac or if you want to use an Smartphone or PDA with the system. They’re not keen on new software, on web-based services which bypass their provisions and claim ignorance if you ask for the settings which would enable you to sort things out yourself.
When cornered, they attack.
Another memorable IT Bully was Justin. He talked the talk but never quite managed to walk the walk. He claimed knowledge of UNIX and network that he could never demonstrate and had to be guided through even the simplest processes but he was in charge of the Windows IT network on site. For nine months he ‘evaluated’ a top spec laptop running the latest Windows build yet in the end it had to come down to the other members of his team to deliver the promises he made – and even then the build was lacking multimedia (promised), PCMCIA support (essential), Sleep/Suspend support (obvious for laptops) and support for additional monitors, IrDA, modems or wireless. When confronted at a project meeting with the problems, his response to me was “Shut up, Macboy” which thankfully ended his participation in any of the important projects that we had to manage.
I am in charge of the infrastructure for our organisation and I think you have highlighted some valid points above. I do think however the problem is more about how these things are communicated rather than the actual actions themselves.
We prevent access to pop3 and imap4 as well as their ssl alternatives to ensure that all mail coming in and out is logged and virus scanned, we would encourage the use of applications such as nutshellmail.com to enable people to get access to their personal mail – as long as it is all scanned and logged. The only thing we allow outbound by default is http and https, and only then through the proxy server. If any users require access to other ports/services then of course these are considered and applied very quickly if deemed to be a genuine requirement but there is a procedure to go through and documentation to produce.
The other point about hiding or disabling certain features from windows users is also a valid one but I’m afraid we have learned from experience that it saves a lot of work in the long run to only enable these for users that specifically request it and then to remove that access again afterwards. Yes, a user should be able to _use_ their computer but there does have to be a set of controls and procedures in place to ensure they can continue to do so.
I’d add to this that they positively HATE to be interrupted. They’d rather sit in their little corner, protectively cocooned by whirring servers and flashing gadgets, none of which it would appear are anything to do with the company IT system, staring too-closely at the five screens they seem to require.
And, they all have Lord of the Rings/Jedi etc paraphernalia strategically placed, to confirm their geekdom.
Having said that, a few of my friends are geeks and are very nice it has to be said.
@Simon – I’m not arguing about the use of policies and protocols to prevent malicious damage, I’m arguing about the existence of the IT Bully whose job it is to change things without telling you, to prevent you from doing things that would otherwise be a no-brainer and to be deliberately obstructive when you come to them with a problem they have caused in their fumbling around. You also have to remember that my background is being an IT worker – there’s a big difference between the IT Bully (whose first answer is no) and the IT worker (whose first answer is to examine how to make things work out for everyone).
@Dawn – There’s nothing wrong with geeks obviously. There is something seriously wrong with the mentality of an IT worker who gets aggravated when people come and ask for help when it is *his job* to help them.
IT workers have to realise that they are part of the value chain and it is their job to make sure that everyone else can do their job. This isn’t about installing a Christmas Lights theme on XP in November, it is about helping people take their mind off how much they hate their IT infrastructure by being more considerate.
Classic quote this morning from Nick:
“isn’t it amazing how NOT being an asshole when doing your job can make so many people’s lives that much better?”
If more IT workers would take that to heart, we’d be in a better place.