Someone didn’t get the memo: IT is an enabling function.
I was recently invited to a meeting to talk about health technology. While I was there I met a group of passionate, committed practitioners: experts in their medical field who work with patients day in, day out. These practitioners had found a way to use a social networking tool to support their patients. As a result, patients were living healthier lives and avoiding expensive and devastating complications.
At the end of their presentation, a CIO raised a question. Actually, he raised about fifty. And they were all to do with whether these highly skilled people should be “allowed” to use this technology in this way.
I used to work in the IT department of a large organisation so I have a lot of sympathy with Mr CIO’s perspective. But if he’s not prepared to search for answers to his concerns, he may kill off off what will be (if allowed to thrive) a project that sets his organisation apart from its peers, both financially and medically.
So what’s gone wrong here? The problem with Mr CIO is that he’s been trained (rightly) to identify problems. But he hasn’t been encouraged by his organisation to offer solutions. Instead of realising that the medical team’s innovation was just what his organisation needed, all he could see were the downsides for his department.
This kind of “embrace the risks and ignore the benefits” mindset is a widespread problem. How often have you found yourself frustrated because you know that there’s a great solution to one of your organization’s problems but you can’t promise your colleagues you can manage the risks. Research by Kapersky Labs [pdf] shows that 61% of large organizations take a risk-averse stance to employees using their own devices, for example, despite the potential savings in support costs and upswing in productivity and employee satisfaction. Meanwhile, many smaller businesses are embracing BYOD, becoming more nimble and more effective than their more established competitors.
This makes perfect sense: every order-of-magnitude of growth in an organisation makes it harder to manage the risk to the company’s network posed. An organisation with three employees may be able to manage the risks through personal trust, but in an organisation of 300, crossing your fingers hoping nobody will damage your network security with their rooted smartphone is insane.
There is a middle way, though. When it comes to managing a lot of very different users, with different devices, skills and requirements, help is at hand. For example, Miradore’s White Paper on Making Diversity and BYOD Manageable [pdf] explains how the latest generation of IT Device Asset Management software can help you manage your risk exposure at every stage from enrollment to retirement for every device on your network, employee-owned or not. This comprehensive management solution frees you up to see the benefits of BYOD rather than being hampered by risk.
Those of us in IT like to remind everyone from time to time that they couldn’t do their job without us. But we should never be in the position where it’s impossible for someone to do their job because we focus more on risks than on benefits. We owe it to our users to seek out the best tools to manage risk because IT should be, after all, the enabling function.