Other Hot Articles
20 security (and other IT) mistakes to avoid
Fall prey to any one of these common IT blunders and watch your organization’s prospects suffer -- not to mention your own
By IT World Canada Staff (with files from InfoWorld)
Page 2 of 5
5. Losing control over critical IT assets
Senior management has a request: "The marketing team needs to run ad-hoc SQL queries against the production database." It's simple enough to implement, so you grudgingly make it happen and move on. Next thing you know, poorly formed queries are bringing the server to its knees before every Thursday marketing meeting. Your next assignment? "Fix the performance issue."
Backseat drivers are a hazard; handing over the keys to someone who can't drive can be fatal. The experience and judgment of IT management plays a crucial role in all decisions related to IT assets. Don't abdicate that responsibility out of a desire to avoid confrontation. A bad idea is a bad idea, even if business managers don't realize it. (For a smile and shake of the head at a truly bad idea, read Shark Tank: One bad idea after another.)
6. Failing to virtualize
If you aren't taking advantage of virtualization, you're only making things harder on yourself. (Just make sure you’re securing your virtualized operation!) Virtual machines were a key selling point of early mainframe computers, but today similar capabilities are available on industry-standard hardware and operating systems, often at no additional cost.
Stacking multiple VMs onto a single physical machine drives up system utilization, giving you a greater return on your hardware investments.
Virtualization also allows you to easily provision and de-provision new systems, and to create secure sandbox environments for testing new software and OS configurations.
Some vendors may tell you that their products can't be installed in a virtualized environment. If that's the case, tell them bye-bye. This is one technology that's too good to pass up.
Check out this article about new desktop virtualization technology showcased at DEMO 2008.
7. Creating indispensible employees
As comforting as it may be to know that a single employee understands your systems inside and out, it's never in a company's best interests to let IT workers become truly indispensible. Take, for example, former City of San Francisco employee Terry Childs, who was eventually jailed for refusing to reveal key network passwords that only he knew.
In addition, employees who are too valuable in specific roles can also get passed up for career advancement and miss out on fresh opportunities. Rather than building specialized superstars, you should encourage collaboration and train your staff to work with a variety of teams and projects. A multitalented, diverse IT workforce will not only be happier, it will be better for business, too.
8. Raising issues instead of offering solutions
Are your warnings of critical vulnerabilities falling on deaf ears? Identifying security risks and potential points of failure is an important part of IT management, but the job doesn't end there. Problems with no apparent solutions will only make senior management defensive and dismissive. Before reporting an issue, formulate a concrete plan of action to address it, then present both at the same time.
To win support for your plan, always explain your concerns in terms of business risk -- and have figures available to support your case. You should be able to say not just what it will cost to fix the problem, but also what it could cost if it doesn't get fixed. In other words, use some business thinking to win support for a technology problem. (Read CIOs seek Renaissance IT professional in 2007 for more.)
(As an aside, check out the fall’s hottest new laptops for business users – some interesting mobility and security features to know about.)
|
