Monday, August 4, 2008

Five things your boss doesn’t want to hear

Author: Toni Bowers

If you’d like to develop a better relationship with your CIO, you might want to check out this list of things your boss doesn’t want to hear.

Mary K. Pratt wrote a good article for Computerworld after she asked a group of 2008 Premier 100 IT Leaders to talk about the kinds of messages they never want to hear from their staffers.

Here’s the list she compiled from the conversations:

Don’t talk only about the technology and not about the business. These CIOs say that technology-for-technology’s-sake won’t get you far. You should couch any technology discussions in terms of what it would mean to the business.

Don’t be too enamored with one solution. Most IT people have a technology preference (just witness some of the fights we’ve had in TechRepublic’s forum over the years about Linux vs. Windows). Be open to all solutions.

Don’t operate from the stance that something is impossible. No CIO wants to hear this word. A task may be insurmountable, but the best way to get that across is to present the challenges in a logical way. Let the CIO come to the conclusion about whether it’s still worth pursuing.

CIOs don’t want to hear you express bad opinions about your colleagues. CIOs want their employees to work out problems on their own.

No surprises. This seems a little contradictory to point number 4 to me. Pratt quotes Ian S. Patterson, CIO at Scottrade Inc., a St. Louis-based online brokerage firm, as saying he “always prefers to hear news — good and bad — directly from his workers.” How would one address the fact that a colleague may be causing delays in a project without expressing a bad opinion? I guess it’s all in the way you say it.

When IT pros go bad

Author: Toni Bowers

The recent case of the network administrator who shut down San Francisco’s FiberWAN network may cause some corporate executives to initiate unneeded policies. Would that be yet another example of too much time spent on something that, in reality, rarely happens?

The Terry Childs case has been a wake-up call to corporate executives across the globe. (Childs, a network administrator for San Francisco’s Department of Telecommunications and Information Services, is currently in jail and being held on $5 million bail for allegedly altering the city’s FiberWAN network system to deny service to authorized users and setting up devices that would allow unauthorized service to the system.)

I would guess that few executives (and staff-level end users for that matter) had any idea of the power one lone IT pro could have until now. Since the mindset of most employees is that IT is the department you call when you can’t access your files or your e-mail is running slow, it’s pretty disconcerting for them to find out that, depending on their position in the company, IT pros pretty much hold the keys to the kingdom.

So now, of course, the media is feeding this newly found fear in the hearts of corporate executives everywhere.

Last Monday, in the Globe and Mail, a story by Rebecca Dube brought to light some other recent cases of disgruntled IT pros wreaking havoc on their employers. The stories included the Australian engineer who was sentenced to two years in prison for hacking into a waste-management system and causing millions of liters of raw sewage to be dumped into rivers and parks. And Roger Duronio who was found guilty of computer sabotage and securities fraud for creating a logic bomb that took down 2,000 of UBS PaineWebber’s servers.

Then there was Alan Giang Tran who, after he was fired from his job at an airport limousine company, hacked into his former employer’s network and wiped out the customer database.

You just know that company leaders are going to be instituting policies to protect themselves against any kind of retaliation like this. There are a couple of reasons such policies could be a waste of time. For one, those executives don’t understand enough about IT to know how to form a policy to curtail its activities or access.

Second, if you think about all of the opportunity IT has to manipulate or destroy data or shut down networks, it’s pretty amazing how rarely it happens. So this could be another instance of putting precious time into creating policies because of something that happens maybe 1% of the time.

Now I could be wrong. You could all be out there using the skills of your job to funnel streams of money into your Swiss bank accounts. But I don’t think so.

So let’s discuss. In your jobs, do you have the power to paralyze the company you work for? Why do you think some people take advantage of this power while most don’t?