“Failure to innovate on your part will lead me to innovate with you (by force), without you, in spite of you, in lieu of you.” – Credo of a disgruntled end user, former IT resistance leader, and former and current CIO (namely me)
I just finished reading an article on how IT should manage “rogue” users and while I do not disagree with what I read, it got me to thinking about why we have rogue users in the first place. Some will say that rogue users are just a natural part of any organization--people who can’t seem to follow the rules. You find them all the time, no matter what the arena.
While the above is probably accurate to a degree, I suggest that many rogue users are in fact created by IT. Furthermore, I purport that these users are created by the frustrations caused by an IT department that is failing to lead in technology and just exists, for lack of a better word.
These IT departments are often characterized by their staunch adherence to standards that never change or change only to the newer model of whatever vendor product they chose in the first place. They use a variety of excuses--lack of funding, too few staff, too costly to change midstream, change would require too much re-training, and on and on--to justify their inertia. The sad part is that whether the excuse is valid or not, users want to move forward, and will find a way to do so. They will go over, under, around, behind, and in front of you to work smarter with current tools. Is this a bad thing? The answer is yes and no.
The answer is yes because IT in an organization needs to operate in a controlled environment. You can’t have end users running amuck with technology--it’s a disaster waiting to happen and a support nightmare.
The answer is no because you actually want your end users to use technology to work smarter and you actually need to encourage that kind of thinking and behavior.
So what is the solution? Did you guess governance? If not, you should have. The IT department that I describe above usually has a weak or non-existent IT governance model; therefore, end users do not have a say in how IT services are provided to them. It’s kind of like taxation without representation--and you know how unpopular that is.
A strong governance model (and there are many) includes end users/business units in decision-making, alignment, and communications. By working in a participatory manner with the customer and letting them have a say in the operations, you generally end up with a more satisfied customers and less rogue users.
Notice that I say less rogue users in the paragraph above. Rogue users don’t go away simply because you have governance; you have to be able to execute too. Otherwise you have a participatory IT government that is ineffective, which can produce more frustration than having none at all! How can this be? Have you never participated in coming to a mutual consensus on something only to watch the person or organization responsible for the execution of the good idea fail miserably? If not, you must not pay much attention to politics at any level--office, local, state, or federal.
Another characteristic of the inert, non-responsive, non-innovating IT department is a lack of customer focus often due to a lack of an IT framework--a comprehensive set of methodologies and practices to draw upon when managing IT services. These departments just run themselves based on the vision and direction (or lack thereof) of their IT leadership. In these cases, a good shot of ITIL, COBIT, or ISO combined with strong leadership can go a long way in reducing end user frustration, and thus further reducing the likelihood of rogue users.
In general though, rogue users should be viewed as symptomatic of an unmet need. Did you find that an unauthorized employee deployed wireless access point on the premises? Rather than go ballistic, consider perhaps that you haven’t provided the needed wireless coverage in your organization. (Note that I am not advocating leaving the open WAP in place, just suggesting to you on why it might be there in the first place.)
The more rogue efforts you run into, the more you should realize that IT management is failing the organization. The reasons do not matter as to why other than to guide you on what to fix--and fix it you should. Otherwise, it will get fixed for you in some fashion. How do I know? I have been there and done that and frankly have been quite proud of it. All guerillas don’t wear camouflage. Sometimes they wear suits and ties and are bound and determined to innovate--so bring them into the fold--or beware. Viva la revolucion!