Why Don't IT Departments Give Employees More Freedom?

No readers like this yet.
Lots of hands trying to climb a ladder


Do you feel hamstrung by your company’s IT policies? Are the IT tools you have at home more up-to-date than ones you’re forced to use at work? Do you wish you had more control over your IT environment at work? If so, you’re not alone.

A while back in the Wall Street Journal, Nick Wingfield dared to question the totalitarian policies of the average corporate IT department–and boy-oh-boy does he make some good points.

How is it that employees can be trusted to take care of important customers, safeguard expensive equipment and stay within their budgets, but can’t be trusted to use the Web at work, choose their own IT tools, or download programs onto the workplace PCs? Do IT staffers really believe that conscientious, committed employees turn into crazed, malicious hackers when you give them a bit of freedom over their IT environment? Or are the nerds in IT all secret control freaks—the sort of folks who alphabetize their DVD collections and have separate drawers for different-colored socks and put on protective clothing before pounding a nail? Either way, if they had the budget, they’d probably hire hall monitors.

Some IT folks might argue in their defense that standardization helps to keep IT costs down—but so would having only one item on the menu in the corporate canteen. If leading edge IT tools are, as many claim, essential to unleashing human creativity, why would any company force all of its employees to use the same computers, phones and software programs? This makes no more sense than forcing every painter in the world to use the same 24 by 36-inch canvas and No. 8 paint brush, irrespective of the scale and style of the particular painting. Sadly, though, this sort of logic doesn’t cut much ice with bureaucrats, who will always vote for control over freedom—after all, if you actually trusted people to make wise choices, bureaucrats wouldn’t have much to do. Nevertheless, IT professionals need to spend less time trying to enforce technology standards and more time trying to make sure that every employee has access to the world’s best tools.

User profile image.
Gary Hamel is a leading expert on management, recently ranked by The Wall Street Journal as the world's most influential business thinker. Hamel's landmark books, Leading the Revolution and Competing for the Future, have appeared on every management bestseller list and have been translated into more than 20 languages.


Because a clueless few ruin it for everyone else, and the costs of cleaning up the damage for a few careless employees that browse any site they want, download whatever free games they want, or try and use a program that works with nothing else and have no clue how to make it work with what everyone else uses or put it in a format everyone can read costs the company more then whatever potential gain they would have had.

In short, people who break their computers at home ruin it for everyone else in the office that has a clue (which is normally the minority). Really, if there is a better program or site you need to access you should be able to run it through your manager and get approval to install it.

If you want to know why IT policies are the way they are, then you need to move up the food chain to the CEO/CIO/"Whoever Makes the Decisions". IT policies are in place largely as a CYA for the company and for the IT staff. This is needed mainly because of the law and because we as IT are usually the ones held responsible.

How much freedom your users have largely depends on how much you can trust them. Freedom and Security compete for priority. The stakes are the well being of the company and its employees. As an IT person, the more freedom I give a user on their machine, the more trust I must have that the user will not do something wrong. If that user is the accountant, their machine may contain all the company's financial records and well as the records of every single employee. Is exposing that kind of information to a breech going to be an acceptable outcome in return for allowing the end user full control over their computer? Of course not.

But there can be a balance. For there to be a balance, you CEO/CIO/Whoever needs to realize that you can set up a secure environment where your users are empowered. But that takes time and money. OS's like Linux allow the user full use of the system without the need to be the administrator. Something many Windows programs still can't handle. You also need some training. Its not unreasonable to expect your users to learn new job skills. Security needs to be included in them.

If your company has good governance policies, they you should be able to display your (unusually) superior grasp of data handling, security knowledge, and PC competency. You should be able to demonstrate to IT that you are able to handle both increased authority and responsibility in this area.
Within my company's site there are exactly 3-4 people that fall into this category.
The rest surf recklessly, can't be bothered to check wired connections, and ask: "CPU... Is that the big black thing with the green light on the front?".
When people fail to take responsibility for their own education and safety, then the Lowest Common Denominator goes pretty low.

I totaly agree with all the comments above. I am also supprized that man thought of "leading expert on management" can be so clueless about IT security and management.

1) 80-90% of PC users now only 1-2% of features of modern text and spreadsheet applications. Advanced users use up to 5% of those features.

2) Large majority is not aware that computer viruses can be transfered via USB Flash memories, and how (Autorun option in Windows) and that it only takes 5-10 seconds for USB stick to be infected.

3) Very Large population has no understanding of illegal use of software available from underground, or even shareware that is legal to use for personal use, but not in an business environment. Penalties that company could be forced to pay for illegal use can be huge, and in my country (and I am certain in all others) executive can be liable for criminal act and spend few years in jail.

4) Already said incompatibility of software can lead to high inefficiency of the employees. And if user that installed the software himself is stuck with a problem, he will expect of his IT department to have necessary knowledge about that application no matter how obscure and irrelevant it can be. Support for large number of applications will also increase the needed number of IT employees heightening the cost of IT support.

5) In Windows environment, there is enormous number of sites from which users could download infected software, of even worst a beta versions of software. Most of them would silence the AV software because on the site form where they downloaded infected software page would warn them that AV software will make false positives. And in a lot of cases only way to get rid of viruses is total reinstall on said Windows, setup of network and printer environment and etc. That can take several hours if not days of a IT staff member since irresponsible user would most likely be a whiny person wanting everything to be exactly how it was before the reinstall.

6) Every small difference can produce difficulty for IT staff. For example, in multi language community even in one non-English language community can produce confused member of IT staff. Most of the PC's a maintain (free consultant for small companies) have Windows installed on English. And I know where everything is and how it is written even if I am woken from deepest sleep. But there are PC's with installed Serbian language UI. When I do phone support, I then have to translate from English to special Serbian phrases some idiot thought of, and in most cases to ask the user I support to read everything he sees on the dialog window or in the menu, so I can tell him what to click. And when you add ~40% of users that are unable to *see* some option even if I insist that it is at the exact place I told them to look, then you can only imagine what difficulties IT staff would have supporting unknown applications.

That is one of the main reasons I push for Linux in business environment, user can only use what was allowed by an admin and nothing else.

You should read "BOFH" - Bastard Operator from Hell, on The Register:
http://www.theregister.co.uk/odds/bofh/ to see, in funny way, how much the users can lack the intelligence.

Just a note about BOFH episodes I suggested. Only the older ones are funny, starting from arround 1999. New (from last 1-2 years) are more morbid and less user oriented.

Really? Because that's exactly want users want to do. Be more creative at work. How? By Checking their facebook status and surfing YouTube? Bottom line , your work computer is not YOUR computer. It's a resource provided by the company to aide you in getting your job done. You want to install anything and everything you want then do it on your own computer! Which I can guarantee is probably slow and or malware infested!

IT folks should grow up a little. I'm from IT and as well am sometimes frustrated by our overcontrol. This stems from the reasons previously noted, which boils down to "fear", for various good reasons. However, "innovation" should be another important thought and I hope, as in our workplace, IT can develop more accommodation, which is a hard and nuanced distinction from support.

For IT to install newer versions of programs is reasonable request. I am all for it, but within limitations. Version should be either known bug free version or tested and without issues. Majority of ordinary clients tend to install newest and shiniest even if they never EVER read about that version coming out. I live in country where 90% of Windows and apps are pirated/cracked. People just do not have money to pay for it, period. But they, in their ignorance, will install "top secret beta of Windows 2020" they found somewhere on the net, with who knows which viruses and malware. And they will not even be aware that it's only XP with visual enhancements.
So, if you do not protect them from them selves, they will reign havoc all over company system.
How about Google and 33 other companies were hacked by hackers somewhere in China. It is suspected they monitored those networks for several months. What do you think would happen if careless people would be allowed to install unsafe software in nuclear facilities all over USA for example? They need their "more accommodation" too.

Part of the problem is that people are using Windows. Sorry, but you can not use that OS and expect the common user to be able to NOT get infected with something. Windows also lacks the tools to allow a user to add software from known good sources. With Linux, you can give the users permissions to install anything in any repo you have configured their system to use. That could be the regular public ones, or a single corporate repo.

I also think part of the problem is lack of IT funding. If you want people to be innovative and they need more IT help, you need to hire more IT people. I see way too many examples, my employer included, that short change the IT budget to save money. At that point, the niceties go out the window and you just do what you have to do to survive. If you have to chose between the servers and end users, the end users are going to lose every time.

Gary - too true...."keeping the lights on" has been the corporate mandate for IT at my last two employers. Usually not because the business is struggling, more to do with the wastage and lack of spending controls in the previous years. Suddenly, someone runs some numbers, discovers their true costs and then embarks on a huge cost cutting phase. Roll on a few years and the business decide IT is not innovative and the restrictions are reversed, a huge and loosely controlled spending spree starts and round we go again !!

Having worked in IT for both large corporates, small support forms and now my own firm I can tell you that each is vastly different and typically the larger the firm, the more restrictions apply. As scales increase so do problems with support, licensing, backups, logging and audit / regulatory pressures - so there are real drivers to reduce and control choice.

I agree with the earlier comments that the leadership are key to setting policy. Those that don't understand the technologies and risks will always default to the safest position, and doubly so in the more conservative or risk averse industries.

I am hopeful for the future, as today's enthusiasts, savvy with OSS and social media, become tomorrows managers and policy changers.

Just found this, seems the business don't trust IT either!


Please do not mix-and-match. Beencounters are not "business".

And it *is* normal, although troublesome. CFO is responsible for reducing costs, CIO is responsible for keeping IT infrastructure on par with demands, now and in the future. IT mind is always clouded with new and expensive gadgets, and beencounter is always obsessed with numbers behind decimal point.
Ancient Summers are the first to invent beencounters to manage cropse redistribution from farmers to city-state population. Hence the name. but the ruler was not a beencounter, just like in all the other hierarchies, and that higher up management is responsible for the balance.

Social Media and Internet (in particular) only brought information to the ones who *want* to be educated, not to the masses, so I am not that much enthusiastic like you. We have managed to revert the evolution with our "heel everybody no matter what" so we now have genetic illnesses expanding and plaguing more and more of the population as new generations are born. I do not preach slavery or current "bleed them dry capitalism soon to be feudalism" but there has to be a measure of "man-kind first, individuals later" in our behavior. And "consume, consume" and "faster, faster" business models and 1000+ channels of TV are responsible for the fact that now kids receive 30 *times* more information then back in 1940-1950. That is why they are hyperactive and why 50-70% of the kids have flat feet and poor finger/hand coordination (primary distinction from the animals is the opposite) in "civilized" countries. And why kid from the small village/town in majority of the cases is better then his big town counterpart.

If you want real progress, make majority of the people turn off their TV's (commercial TV, reality shows,...) and have them to start reading more. When you achieve that, you will get more intelligent human race that will think for them selves and will not need IT policies to restrain their ignorance. Until then...

A CFO's role is to manage and control costs in line with the business and will invest where needed. As such they sit firmly in the "business" camp.

IT's biggest problem is translating a technical requirement into a real business case that the Board / Senior Management Team understand. Too often they are seen as a cost centre that needs to be tightly controlled and so are often seen to be "outside" the business.

Until CIO's and their team can credibly act like business leaders they will always be under a certain level of scrutiny and less likely to go out on a limb.

Totally agree with your comment about TV and general ignorance, it disturbs me the people I see out and about can vote and serve on a jury. Walking upright seems achievement enough!

As an IT man of one small company I agree with many of the comments of this article. The employees in our company use currently limited accounts, but their software is updated periodically. I have tried let them use priviledged accounts, but I have been surprised by the number of junk sofware (pirated games, downloaded " magic" software tools, etc) found on their computers after just one week. I think that at the job the employees must use the computers with responsability to accomplish their tasks. Always they can tell us what software they need and generally they receive what they want (installed by us of course).

Creative Commons LicenseThis work is licensed under a Creative Commons Attribution-Share Alike 3.0 Unported License.