IT managers have it pretty tough these days. They have to juggle a mix of equally demanding, and sometimes conflicting, imperatives. Compliance regulations. Security iniatives. User requests. Budgets. Tending to any one of these areas could constitute a job in itself, but IT managers have to deal with them all. And a single slip-up could cost them their jobs.
Back when Sarbanes-Oxley was first kicking in, an IT department manager from Ohio wrote in a post on Tech Republic (poignantly titled “Sarbox has taken over my life“) that
“We found out 3 months ago that our revenue cycle is subject to a Sarbox audit, which means IT is also subject to an indepth audit. Our fiscal year end is June 30, so we had a relatively short period of time to prepare. My shop is somewhat small, and somewhat loose. It’s been a nightmare. I spend at least 50% of my time on Sarbox issues.”
Corporations subject to compliance initiatives like Sarbanes-Oxley and HIPAA don’t really have a choice about how closely they’re going to follow the law. Either they do it or they’re probably going to be put out of business. But, as our manager from Ohio illustrates, many companies have failed to restructure job positions or work processes to accommodate what amounts to a massive new demands on IT.
Meanwhile, in the security realm, the stakes are high and getting higher. It isn’t enough for IT folks to be vigilant about protecting data and equipment; one misstep could get them fired.
“‘Four lose jobs after data breach at Oregon health care facility — Providence Home Services says it has new data integrity procedures in place.‘ I don’t get it. Someone was fired for doing his or her job? Taking backup tapes home has been a practice from time beginning for Systems Administrators. I’ve done it myself and here’s why.” (Computerworld)
To be fair, employees fired in data breach events aren’t always blameless, and sometimes the incidents are too newsworthy or embarrassing for managerial heads not to roll. Take for example Maureen Govern’s hasty departure from the CTO post at AOL following revelations about the insecurity of subscriber IDs. There was simply no way she could perform her job effectively after the news broke.
Couple competing demands for time with a certain amount of anxiety about what (or who) might get you fired, and what do you get? An IT staff that may, on occasion, be less than gracious with users. Martin MacLeod at Blade Watch recounts one line of business manager’s complaints about his IT department:
“They tend to be rather inward facing, lack a coherent structure and worst of all you get mixed performance dependent on who you speak to … I want a relationship, a customer focused guy I can call and who’ll not tell me what I want to hear, but to deal with me professionally.”
Technology can’t solve all of these problems, but it can solve some of them. Centralizing corporate computing resources makes it easier to enforce archiving and other compliance policies; easier to control and secure data assets; and easier to keep pace with user demands.
Of course, it’s also helpful to have brilliant and motivated staff, a CEO and board of directors who understand and appreciate technology, a generous budget, and a 25th hour in every day. Most of us can’t have everything, though.
Discussion
What do you think? Leave a comment. Alternatively, write a post on your own weblog; this blog accepts trackbacks.
Leave a Reply