IT's Greatest Enemies

How to spot -- and take down -- the six most nefarious adversaries of IT.

Everybody keeps a list of the people who make their jobs and lives more difficult, even if they never write it down. It's a safe bet that IT pros' lists are longer than most.

CIO.com's IT Job Search Bible

Slideshow: Worst Cities to Work in IT: International Edition

Slideshow: The Worst U.S. Cities to Work in IT

Slideshow: Where the IT Jobs Are: 10 American Cities

You might think IT's greatest enemies are cyber criminals and malware authors. But far worse are those who make the lives of these evildoers that much easier. In fact, the greatest enemies of IT are members of the community IT serves: from clueless suits to annoying power users, from miserly managers to those friends and family members who are always hitting you up for free tech support. Any one of them can keep you from doing your best -- or getting anything done at all.

[ Find out which of our eight classic IT personality profiles best suit your temperament. | Learn about IT's dirtiest jobs, or have a laugh thanks to your network's weakest link in "Stupid user tricks 4: IT horror never ends" ]

Making an "enemies" list is not just a cathartic exercise but also a useful one, says Mark Kadrich, CEO of The Security Consortium.

"Though they often curse the user community, most IT pros don't spend the time to identify good users from the bad ones," he says. "You ask most of them how many users have administrative access to their systems, and the answer is usually either 'I don't know' or 'all of them.' I think they need to take more time to classify their user communities."

Here are the classic enemies of IT, how to recognize them, and what you can do to keep them at bay.

IT enemy No. 1: The Ostrich

The biggest enemy of many IT pros: bosses who bury their heads in the sand when it comes to technology, yet are still empowered to make critical IT decisions.

Businesspeople become the enemy when they refuse to acknowledge they have a role to play in how IT operates, says Daniel Teachey, senior director of marketing for data-quality specialists DataFlux. "Even if it's something as simple as defining what the term 'customer' means to their business," he says. "Data informs every action the business takes, and unless the business side takes some role in the management of data, IT will be left holding the bag and getting all the blame."

Even worse, upper management types that don't understand concepts like network security, yet override critical decisions of their network admins, says Randy Abrams, director of technical education for security vendor ESET.

"If you are in charge of network security but have no power to make decisions, then your job is to take the blame when things go wrong," he adds.

The classic example: email attachments.

"Several years ago IT managers had an incredibly hard time getting management to allow them to block executable attachments in email," says Abrams. "There was rarely a case when an executable file actually needed to be emailed, and the security advantages of blocking far outweighed the potential business costs of having these files blocked. Eventually the blocking of executables was built into Outlook, but it was a mindless battle of the clued vs. the powerful clueless for a long time."

Recognizing the enemy: That glazed-over look when confronted with technical questions, or the moment they open their mouths, says Abrams.

"They tend to say no first without ever understanding the problem or seeing the trade-offs -- even when the trade-offs are things that can ruin the business," he says.

Your best defense: Seek air support from high command.

"You need a data governance plan that spans the entire organization, which means getting a CXO type to step in and say, 'This is the way it's going to be,'" says DataFlux's Teachey. "They're the only ones with the will, the persuasiveness, and most importantly the budget to get it done."

But what if there's no one to give support from above?

"Then you're between a rock and a hard spot," notes ESET's Abrams. "The best you can do is hope to educate them. Figure out the best way to state your case so that it makes sense. Come up with a good analogy that's relevant to them. Knowledge can be power, but only if it's shared."

IT enemy No. 2: The Penny Pincher

Whether it's an enterprise-level CFO or a small-business owner, a penny-wise/pound-foolish manager can stand in the way of necessary IT investments -- making your job much harder.

Penny-pinching CFOs are among the biggest enemies of IT, says Nancee Melby, director of product marketing at Shavlik Technologies. "Any CFO who thinks the free patching solutions from Microsoft are good enough needs to find a new job -- or get out of IT's business. Leaving your keys in the car and only locking the driver's door will keep out only the stupid criminals."

Granted, IT can be a bottomless pit, notes Peter Marsack, director of business development for Vision Computer Solutions, an IT services firm for SMBs. But that can often lead to an irrational fear of all spending.

"The beauty of technology is you can dump a virtually limitless amount of capital at it and still have problems in your technical infrastructure," he says. "Because of this, getting purchasing requests approved can be a tedious process even if the cause is just."

Marsack points to medical companies that refuse to become HIPAA-compliant -- despite the security benefits and the penalties noncompliance might incur -- simply because upgrading all their equipment cost too much.

"I have clients who refuse to replace their 7-year-old computers because 'they still work' even though their staff burns through 10 hours a week just waiting on slow machines," he adds. "Most people think they can just purchase computers, put a network in place, set it, and forget it. We have to explain to them these machines need to be maintained and supported."

Recognizing the enemy: Though you might garner clues from threadbare office furniture or those Windows 98 machines running in the reception area, the only way to know for sure is to ask pointed questions about how the organization allocates resources for technology, says Marsack.

"If they answer, 'We never do that,' or, 'We get things as we need them,' that's a red flag. If they say they devote X amount of dollars or allocate money on a regular schedule, they're more likely to invest the money required."

Your best defense: Gather intelligence. Find an incident where the organization's lack of IT investment hurt its bottom line -- say, a server that crashed or a backup that failed, leaving customers in the lurch -- and exploit it.

"These are the kinds of things that happen when you're not allocating appropriate resources to technology," Marsack says.

Still, he adds, defeating this enemy isn't easy.

"I've not met many people who enjoy writing a check for any amount budgeted for technology, even though their entire company runs on it," he says. "The person with the checkbook is the hardest person to please in the business."

IT enemy No. 3: The Power User

Every IT pro has stories about plebes who suck the lifeblood from the help desk with questions about their PC's "any" key. But the real threat is posed by users who know just enough to be dangerous.

"For me the biggest enemy is not the clueless user, but the clued-in user who doesn't have the whole picture," says Kevin Thompson, information security manager for Minnesota State University at Mankato. "This is the guy that thinks he is helping by running pre-release software he downloaded from BitTorrent. This guy has all the passwords of the other users in his office and acts as the unappointed first line of technical support. Instead, he frequently breaks things."

Not only do Power Users cause support and management headaches, they can be walking, talking security nightmares, says The Security Consortium's Mark Kadrich.

"They're usually engineering types or Ph.D.s who firmly believe they know more about the computer and network than you do," he says. "They insist on having admin/root access so they can 'configure' their custom applications or memory, and believe firewalls are for the unwashed masses. They're 'savvy' and can outwit any hacker on the planet. Besides, they 'don't have anything that a hacker would want,' so why should they worry? Their naiveté borders on the criminal."

Recognizing the enemy: They might be wearing Armani or T-shirts and flip-flops, but they're carrying a jailbroken iPhone in one hand, a Palm Pre in the other, and two laptops in their bag. Also: Anyone with a "Dr." in his or her title.

Your best defense: PsychOps. The only way to get a Power User's attention is to scare the hell out of them, then gradually bring them over to your side, says Kadrich. The exact approach depends on the position they hold in the corporate ranks.

"Executives don't give a damn about security, but they do care about their brand," he says. "You tell them, 'What you just did caused a huge number of emails to go out proving how screwed up our brand is.' That generally gets their attention."

For lesser tribe members, Kadrich makes the threat personal. Thanks to the Power Users' meathead behavior, their personal financial information has been compromised; now they have to call their bank and cancel all their accounts.

The second prong of attack? Training and awareness. Low-key regular luncheon sessions talking about the latest security breaches is the most effective way to alter people's behavior, he adds.

"You want to make the people in your organization security ambassadors," he says. "Taking the enemies of IT and converting them into true believers is the best approach."

IT enemy No. 4: The Politico

As technology rises in importance across virtually every organization, office politicians will be looking to surf the IT wave into the executive suite -- even if they have to ride on your back to do it.

That's why CIOs who play politics are IT enemy No. 1, says Steven Levy, CEO of Lexician Consulting. "These CIOs don't understand the businesses they serve, and they'll say or do anything to get 'a seat at the table.'"

In the long run, says Levy, they end up undermining the value of IT to the enterprise.

"When they talk about reducing complexity, they mean cutting the number of applications IT has to support, not simplifying the life of the business customers they serve," he says. "They talk about IT being up to date and then can't figure out how to roll out a new version of Windows or Office until three years after it shipped. They hire bureaucrats that they think are technocrats, but the technologists in IT laugh at their skills. And they're terrified by the idea that departments and business teams might develop their own applications, seeing that as a threat to their fiefdoms rather than as a way to help the business support itself."

Recognizing the enemy: Look for managers who've mastered the art of talking out of both sides of their mouths at the same time, says Levy.

Your best defense: Dig a trench and try to outlast them. Effective CEOs are veterans at spotting those playing office politics, and the CIO honeymoon period may be short, notes Levy. Or make allies with high command to shield yourself from radioactive fallout when things implode.

"The best solution is to get the business leaders in the C-suite or with highly respected voices to laud your work and talk up your solutions, thus covering your back in a way that the CIO can't effectively undermine," says Levy.

IT enemy No. 5: The Freeloader

If you know anything about technology, you've surely encountered this time- and patience-sapping foe. A "simple" question about computers morphs into demands for free 24/7 tech help when you have actual paying customers to support.

"The absolute worst offenders are people who assume that they can pick up the phone and call you anytime they have even the most minor computer problems," says Dan Nainan, a comedian and "computer genius" whose acting credits include an "I'm a Mac" commercial [video] (he's the guy in the bubble wrap). "Having been a senior engineer with Intel and a computer nerd for my entire adult life, I am beset on all sides by people who think they can just pick up the phone and call me anytime with a computer question. Haven't these people ever heard of Google?"

Clueless and greedy users are the No. 1 enemy, agrees Howard Sherman, founder of on-demand tech support site RoyalGeeks. "They don't have a clue, don't want a clue, and don't even know what a clue is, yet they expect you to answer each and every question they have at work, on the golf course, at a dinner party, the bar, or a bar mitzvah. They shamelessly suck the knowledge out of you, in addition to your will to live."

Recognizing the enemy: When they find out what you do for a living they immediately (a) ask for your card, (b) start flirting shamelessly, or (c) launch into a tale of technical woe.

Your best defense: If possible, retreat. "When you spot a user like this just start running down the hall screaming," suggests Sherman.

Unfortunately, since you're often related to these people, you will eventually run into them at weddings and funerals. Dan Nainan keeps a short list of those who deserve tier-one support -- like his agent or the superintendent of his NYC apartment building. The rest he sends to voice mail or redirects to actual tech support lines. "I find if you wait 24 hours the problem solves itself -- or they've found some other sucker to fix it for them," he says.

IT enemy No. 6: You/Me/Us

1 2 Page 1
Page 1 of 2
Discover what your peers are reading. Sign up for our FREE email newsletters today!