Does It Have to Be "Security & Up-Time" OR "Creativity & Ingenuity"?

image [cc] johndal
I had a conversation with a techie librarian yesterday that has found there is a dividing line between the IT and Library when it comes to support for creative ideas that originate in the Library. It's an old story, but one that seems to continue in an age where the IT mantra is focused primarily on the issues of Security and Up-Time. Not that Security and Up-Time are not important, they are critical pieces of the technology puzzle, but they are not the only pieces.

The whole IT process has become a road-block for those creative and ingenious ideas, as many of those ideas are viewed as "security risks" or not supportable in the current infrastructure. Ideas are suffocated in the extremely bureaucratic process of getting it on the IT schedule… which allocates it to some future Quarter of the next fiscal year. IT has become a slave to the Gantt chart, and has caused the creative projects that require flexibility to go underground.

Chances are there are a number of "underground" projects going on in your firm right now. Unofficial SQL databases; web servers running off of an internal PC; MS Access databases being shared across a network folder; external services hosting internal data… the list goes on and on. Many of these are known to the IT department, tolerated, but not supported. However, as time goes on, and the procedure for getting items on the "IT Calendar" gets harder and harder, and the implementation dates for approved projects are pushed further and further down the line, the underground projects start becoming more elusive. Underground projects that started off as work-around's, suddenly become critical tool to certain departments or lawyers. Critical tools that are unregulated by IT.

How can there be a happy medium in this scenario? First of all, it would seem that IT has to understand that there are those in the organization that will find work around's to the roadblocks they set up in the name of up-time and security. Instead of viewing these as rouge employees that need to be shut down, perhaps it would be better to have some type of IT liaison to go out and discuss why a work around is needed in the first place, and  work with others to determine a safe way to manage the project that minimizes the security and up-time risks, while also suggesting official alternatives that may already be in place. Maybe the reason for the work around is a lack of knowledge of existing resources or training, rather than the non-existence of a resource. The key is communications. Ignorance may be bliss, but only if that ignorance doesn't cause other systems to shutdown, or key confidential data from leaving the secured network.

IT cannot do everything. It does not have the budget, the people or the resources.

Work around's are not always good ideas either. Some work around's are huge security risks, or waste limited resources on projects that return very limited value.

This brings me right back to the communication solution. IT cannot continue to hide behind the bureaucratic processes as a way to stifle potential projects that originate from outside the department. Doing so will only create more incentive for those with ideas to completely shut out IT and go create them on their own, or simply give up on a creative and ingenious project simply because they know IT will shut them down.

Security and up-time are critically important, but so is creativity and ingenuity. These ideas should dove-tail together, not be at war with each other. IT needs to walk out from behind that secure set of doors that divide them from the rest of the office and start communicating with the people that have been creating the work around's. There is value in that relationship… the first step is to start a dialog.

Bookmark and Share


Toby Brown said...

Years ago my head ran into this brick-wall.

What I came to appreciate about IT is that they are not typically paid to innovate. Lawyers will occasionally complain that Firm X has a newer version of Office, but that is just a bit of venting.

But lose an Internet connection or printing services and IT gets hammered.

I agree IT should look up from the road they travel on and reach-out to their customer base, but I also sympathize with their situation.

I would point to firm leadership as more of the source of this problem. If they want innovation and customer service, they need to reward it.

KenHirsh said...

As I said when I managed computing services at Duke Law, "My job is to make your job easier." As I replied to Elmer Masters on Monday when he asked, "If a role of the library is investigating new tech, what is the role of IT?" I said "Enabling it all." Firms have constrictions not imposed on law schools, but still, and above all, IT should be an enabler, not a disabler.

Greg Lambert said...


I agree with you that IT is stuck in a situation where there is almost no reward, and all hammering. I sympathize with their situation, too.

I'm thinking, however, that the processes and procedures that IT has created in order to get anything approved has become, in itself, a risk to IT because it causes creative people to work around the system. We constantly point out that law librarians need to get out of the library and talk with their clients. That same idea applies to IT as well.

Greg Lambert said...

As usual, I totally agree with Ken.

Enabling doesn't mean giving in to every idea that is presented, but it should at least mean giving ideas a chance to be heard.


© 2014, All Rights Reserved.