You've done it. I've done it. I'm sure we've all done it at some point, but why? I'm not talking about drugs or smoking, but misrepresenting the truth. I contend that IT as an industry has accepted dishonesty and disinformation as standard practice.
Let me give you an analogy of this situation. My Toyota is having mechanical problems and when I press the brake pedal, the car won't stop. Being a somewhat rational individual I do what I feel is the responsible thing and take my car to the dealership's mechanic. I describe the problem in depth, how it occurs, and what I think should be the expected outcome. The mechanic agrees that when I press the break pedal that my car should stop. After weeks of working on my car, the mechanic phones me that the repairs are complete. I get to the dealer ship and the mechanic hands me a cheeseburger. Confused, I ask why I am now holding a cheeseburger. "Well, you wanted your car to stop when you press the break pedal." More confused I reply, "Yes, but why the cheeseburger." "Exactly", says the mechanic. Now I'm just pissed off, ""¦exactly what? Do my brakes work?" "You were a quart low of cheeseburger. Hold this and everything will be fine", says the mechanic.
The point is instead of a)fixing the problem b)defining why it can't be fixed or c)admitting that they don't know how to fix it, an alarming number of people simply lie or "amplify the truth". A good deal of what Microsoft says can fall into these categories. Take, for instance, the assertion by Microsoft that Vista is more secure than Linux or OS X. Common knowledge (and common sense) tell us that this isn't the case, but instead of owning up to the shortcomings, the truth gets spun into some marketing hype that running Vista will make you taller, more attractive, and cure you of the common cold. I do understand why big companies like Microsoft fall into this trap, they have to so that they can convince us to buy their products. I imagine that there would be an audible thud on Wall Street if Microsoft started a new ad campaign, "Our products suck, but we have market share. Buy Microsoft or you will be consumed!"
On the smaller scale, though is there really a huge disincentive for your average system administrator or CIO to own up to the truth? In a government agency or privately held organization, how much fallout could there be? I suppose in some respects that the damage done by admitting a mistake could be troublesome, but when you abuse the truth, aren't you putting your relationship with your constituents at risk? We have entered a new age in which most of our clients are tech savvy enough to be able to accept the truth for any IT based issue without us spoon-feeding them a pabulum of falsehoods and misinformation. Smoke and mirrors IT is a detriment to the field and in my un-humble opinion if you can't be leader enough to communicate truthfully with your clients then you should consider a career change"¦ perhaps an auto-mechanic. Realistically, if you explain to your clients that you forgot to place a semi-colon correctly in the 200,000 lines of code, isn't that better than saying that there isn't a solution or that the company will need to buy everyone a new computer to meet the increased computing demands of the new version of Notepad. How about saying, "Despite our months of testing this complex software, we missed an important coding element which resulted in the problem that you see now. We have a fix that is being tested now and will be distributing that as soon as we have further validated our coding." The nonsense that I hear and read which are served up as explanations for problems is truly astounding.
Let's be honest, IT is a very broad industry and even if you have spent several years working on one particular IT issue, odds are that some one out there knows something that you don't about that issue. IT has operated for so long behind closed doors and in the shadows of the core business that some of us built our own guest lists for the "truth doorman". Frankly, you're not on that list even if you slip a ten spot to the doorman. The reasons we don't tell you the truth vary but a few of them are listed below:
"¢ We think that admitting that we don't know the answer will hurt our credibility and our credit is already pretty bad.
"¢ We aren't smart enough to realize that we don't know the answer"¦or to realize that we're not smart enough.
"¢ Finding a real answer is too much work and we're in the middle World of Warcraft.
"¢ You can't handle the truth.
"¢ We will have to admit that we fouled up and the Vulcan code prohibits failure as a logical outcome.
"¢ We don't like you and will tell you anything to mess with your head.
"¢ Cheeseburger"¦
Despite these very valid reasons, I think that an argument can be made for keeping your clients in the know. As IT becomes increasingly commoditized, the relationship between the IT shop and the core business clients will a major factor in whether or not the business relies on YOUR IT shop for its services. How many times would you expect me to take my Toyota to the burger-flipping mechanic when there is another wrench-toting mechanic across the street? If your IT shop isn't willing to be above board with its clients, then rest assured that your clients won't be dealing with your IT shop for long.
Amazing that an alleged professional writer either spells "brake" wrong, or let the spellcheck change it. Plus, I agree with one of the comments that the analogy is lousy as well ...
And btw, if more corporations had employee monitoring software, there would be less malware on PCs, little if any visits to risque sites, and dramatically increased productivity all-around ...
Hey, this is Sarah Catcher and I have to say that the truth rewards few people. Your article is a really good read and I feel it addresses the IT Security world.
Those who are good at computer security are the same people who hack into systems to learn. If you were honest about practicing any type of talent in learning and testing systems for flaws, you would be rewarded with an audience of people that might feel uneasy about keeping you an employee. Yet, you would be the same person that would keep their systems secure. Instead, you are forced to do a lot of "extensions of the truth" for exactly how you learnt the information.
It is the same principal of those who parent. They tell their kids to tell the truth, but when they go up to a parent and say the truth, the parent says, "You're grounded!" What did you teach a kid? To tell a lie.
Hats Off,
I like your writing.
Sarah Catcher
You're right, we are telling little lies and half-truths everyday to our clients (internal or external).
Maybe because english in not my native language I didn't see the connection with the data tapes in the title...
While yes, I do agree that IT ethics are up to speed, neither is the person reporting their issues.
Using your example, Mr. Toyota is less than likely to tell the mechanic that he has never had the brakes checked prior to reporting the issue. So in the real sense when the mechanic is handing you a cheeseburger, you act confused, that is because he's not going to tell you what your REAL issue is.
Say you download every freeware possible that has spyware in it to your computer and/or visit risque sites while at work. You call up the help desk and complain that you're computer is running slow. You're never going to tell that IT person outright what you've been doing, you're just going to tell them you need a new computer and you need one tomorrow.
The IT person comes visits your desk and finds all the freeware, spyware and already knows your history of risque sites thanks to the logs on the network that s/he reviews once a week. At that point he's going to hand you a Cheeseburger because politically speaking, he's never going to directly call you out for all your internet activities and installation of untrusted software.
The second point I want to make is that IT cannot predict how much knowledge a person has about technology. There are many that just don't want to understand...so the cheeseburger becomes the dummy explanation.
So then it becomes the chicken and the egg thing: until one group starts being honest up front then the other group won't be as honest...
The article starts with a lousy analogy and references to the break [sic] pedal.
It then blossoms into a tirade of hyperbole and glittering generalities.
Homer Simpson puts it more succinctly: DOH!
Taken under consideration. Now where did I put my doughnut?
In my experience it's more like the car owner doesn't want the brakes fixed.
Getting into an accident and collecting the insurance seems worth the risk.
What I mean is when you tell your client that they have over a million instances of unencrypted credit-card data in terabytes of legacy test and junk directories which are still embraced by their production networks and current codebase they would rather wait for an audit to find them and if they do, pay the fine - which is cheaper than full remediation. Or... the car owner might ask if there is a way to fix the brakes without fixing the brakes, find some "compensating controls" to bubble-gum on so that the car might "stop real soon". True stories, among many more I could tell.
The perspective voiced is based on the flawed assumption that IT's "customers" are truthful. IT, afterall, is generally a service within the organization, the organization being its (internal) customer. Ever heard of Sales selling things that don't exist? Ever heard marketing blah that has a sweet ring, but no basis in reality? Ever heard a business leader say "do it with less" thoughtless of outcome or quality? We seem to forget that IT is part of a community -- an inter-dependent and symbiotic community. What goes around, comes around -- and lying was not invented by IT.
A mentor of mine once said, "we don't get what we pay for, we get what we reward for." IT "lies" no less or more than any other practice in the modern organization. Suggesting otherwise is pedantic. Truth be told, IT is a recent phenomenon, only coming into formal existence in the last couple decades. The corporation, however, has been around for much longer. If anyone or anything should take most of the credit for the general lack of corporate candor and truthfulness, it should be organizational leadership. Leaders: feel free to lead by example here.
We got a cheeseburger because we asked for a cheeseburger -- we and a thousand other "customers" who blamed the service provider (e.g. IT) for not being able to right our problem. What if the mechanic had said initially: "Hmmm, I've never seen this before, it might take a while to diagnose?" Or, "Yikes, that's definitely the doo-hickey, and they run about $2,500." I'm sure we would have politely said, "Thank you, please proceed." Or maybe, "Yikes! Is there something a little less we can do to fix the doo-hickey?" Or, maybe, "Thanks anyway, can I speak with your manager?" No. We would have unloaded on the messenger -- we and a thousand others.
All of this translated: maybe IT is tired of being the fall-guy for every half-baked, vacuum developed, Sales, Marketing, or other corporate whim-of-the-day emergency project...failure.
The truth is: If we want the truth, we need to start walking the talk. Great perspective Chad. It's just that we need a (much) broader brush to paint this fence.
So...
Taste, and enjoy the cheeseburber, spiced with "a pabulum of falsehoods and misinformation!" We have all earned it. ;-)
All this is true, correct, excellent, etc. However what if you work for a large organization where raises and bonus are not based on how much you get done, but on how few mistakes you make. Having worked in such a de-meritocracy in the past, I can tell you it's no fun. Unless you like to coast and do nothing and get raises while watching the hard-working people get hammered for their mistakes. (Because let's if you are doing a lot, then you are bound to make at least one mistake each year. Bang! That was that hammer coming down. Sorry no raise this year.)
This is the raw truth and in my view applies more to corporate IT than the packaged product makers (although it also applies there). CIO have no incentive to tell the truth! This lack of honesty then just trickles through IT shops with devlopers not logging defects, logs being signed with backdates, etc.