Making Sense of IT Success
How many times in recent memory have we read about what seems like the ever-increasing velocity of change, and the unprecedented (in our lifetime, at least) societal challenges that we earthlings have encountered over the past couple of years? It’s too early to understand the longer term consequences of a global pandemic, or the impact of violence in Europe on a scale not experienced since World War II. But most seem to agree that these external stressors don’t make performing our jobs any easier. Given the challenges encountered working in IT—an industry that itself seems to reinvent itself at least as frequently as any other—one might be tempted to give up and wave a white flag when the world throws us even scarier curve balls.
And yet, we see remarkable resilience by organizations that have managed—despite obstacles such as vulnerable and unpredictable supply chains or a workforce adapting to the constraints of working remotely—to successfully execute on strategies heavily dependent on technological prowess. What, then, are these strong performers—or the leaders at the helm—doing to separate themselves from the pack?
While every success story is unique, this article explores three themes we see surface repeatedly, which seem to appear in almost every story of organizations overcoming the odds. I don’t pretend to present any secrets here, if any answers at all, but hope to evoke a new idea or another way to look at the challenges you face, and, ideally, to inspire meaningful action.
Keeping up with the ever-increasing pace of change
I’ll start off suggesting that maybe it’s not that some leaders are better at “keeping up” as much as they are at knowing what is important to keep up with. They seem to have more effective means of filtering out information that is less likely to benefit them.
I won’t venture to guess how many new technology product companies enter the IT space every year, or how many new products are launched. It’s staggering, and there is no shortage of other manifestations of the blistering speed of evolution in the technology space. While change doesn’t refer exclusively to technology, technology is, obviously, a primary driver of change.
And change isn’t all bad, of course. Innovation itself demands change. Transformative technologies enable organizations to streamline operations, to innovate, and to do it all faster than they could do without them. But if organizations aren’t careful they can quickly fall behind, which makes it difficult to not fall even further behind in something of a spiral.
Making sense of security-related information
Of all the challenges facing IT leaders, perhaps none offer more urgency or potential loss than protecting infrastructure and employees from malicious attacks. Given a security product landscape that seems to shift almost daily, there’s hardly shame in feeling a bit overwhelmed at the prospect of staying abreast (See the previous paragraph.). What’s worse, it’s not as though security vendors are universally trying to help you make sense of it all. Some vendors regularly employ messaging that’s meant to scare more than it is to educate.
Still, there’s evidence that some leaders are managing quite well. Again, it may be more a matter of filtering out the things that don’t matter, rather than somehow managing to process every new piece of information. I suppose the good news is that while the cybersecurity landscape may be quickly changing, the fundamentals of keeping an organization protected don’t change all that quickly. Leaders who have the ability to focus on these fundamentals seem to do okay.
Doing more with less
IT leaders are, with few exceptions, being asked to do more with less. Some find that there’s simply not time to do it all. Part of the problem may be the fact that so many organizations are dealing with unprecedented numbers of remote workers, a phenomenon which puts new and different demands on IT infrastructure and processes. Other factors seem further beyond the control of any one person or organization, such as an unpredictable supply chain, or the growing competition for talent.
Whatever the case, while resource constraints seem to be universal, some organizations seem to be coping in spite of it.
How do they do it?
So how can IT leaders possibly suffer information overload, cyber attacks and a simultaneous and ever-increasing dependence on IT, and still manage to concoct a recipe for success? Diving below the surface I’ve made a handful of observations involving concrete actions, practices, principles, or tendencies that help explain at least some of these successes.
Process, Policy, People
In successful organizations, IT leaders incorporate a healthy dose and appropriate mixture of process, policy and people in their solutions. These three human elements comprise three legs that help bring predictability, stability, and efficiency to your organization’s initiatives. When one or more of these critical ingredients are weak, it’s only a matter of time before the vulnerability is exposed and, unchecked, wreaks havoc.
Successful organizations more accurately estimate the level of effort required not just for planning and implementation, but, for example, maintaining, monitoring and managing these new solutions. Underestimating, it turns out, is the norm, and even the best organizations don’t always get it right. But they avoid chronic and gross underestimating—all too common—that almost guarantees that targets are missed, deadlines are trampled, and morale is hammered. They invest the time up front to generate better estimates.
Use of Frameworks
Good leaders tend to lean on proven, logical frameworks. While the IT landscape is indeed vast and ever-changing, the priorities regarding how and what we chose to protect are more stable. If, for example, you address fundamentals first—such as those we outline in our Baseline 5 Readiness framework—you’ll already be ahead of the pack. Commonly-known and widely-adopted frameworks include those promulgated by the ISO (International Organization for Standardization), and CIS Critical Security Controls from the Center for Internet Security.
It may not come as a surprise that in the face of “doing more with less”, outsourcing non-core functions is considered a best practice. I see two primary categories of activity that lend themselves to outsourcing:
- Base level administration and management activities
- Critical but time-consuming tasks such as patch management, firmware updates and data protection
Hiring outsiders to bear the brunt of these activities allows staff to focus on value-added services for the organization. The savviest IT leaders look for more from outside help than just someone to “keeping things running". They want to learn more about how a technology can usher in greater efficiencies, enabling a workforce to do more with less effort. They want and expect a level of expertise from a managed services partner that they may be unable to attract, retain, or develop internally.
Keeping it simple
Finally, the successful leaders we encounter all seem to adhere to a KISS philosophy... keeping it simple. By avoiding the three Cs—complexity, chaos and cruft—in their IT solutions as much as possible, they avoid, among other things, a load of technical debt otherwise incurred as IT systems age.
I’m proud that Prescriptive Data Solutions partners with mid-sized and enterprise customers that almost universally share the attributes, attitudes, or abilities described above. We operate with an enablement mentality, in that we understand that much of the value we bring to an organization depends not only on our own mastery of relevant competencies, but that we have an obligation to share our expertise whenever it makes our clients stronger. So while we’re learning ourselves with every engagement, we hoping to make your team better in the process, too, mentoring and sharing how we approach solving problems. We think this attitude creates a far bigger differentiator than technology alone. Let us know if you believe your organization is ready for a partner like Prescriptive.