A survey of stress levels among IT security staff, thought to be the first of its kind, has shown that an alarming number of staffers are suffering dangerous levels of cynicism, leaving them depressed and unable to function properly. The survey (securityburnout.org) was organized by Jack Daniel, founder of the Security B-Sides …
Tuesday 28th February 2012 17:14 GMT Inachu
When users know the rules but complain about hardware that IT does not support anyway.
So staff calls helpdesk CRY CRY CRY this does not work CRY CRY CRY....
WELL MAM IT DOES NOT SUPPORT THAT PATICULAR HARDWARE.
STAFFER.... WELL I WANT SUPPORT FOR IT ANYWAY!
staffer calls head IT SUPPORT MANAGEMENT and cries and tries to get helpdesk to support it.
staffers are complete idiots.
Tuesday 28th February 2012 00:12 GMT Destroy All Monsters
IT security staff?
I can tell you that operations staff may well be at the same level, what with 24/7 operations that have to run on a shoestring budget powered by hairy rats running in threadmills in the server room. You then get "agility" pushed in your face which basically means that an upgrade will be forthcoming at date X and operations has to somehow choose what to leave out to nevertheless reach an acceptable acceptance level [which basically means the application stack will crash after 2.5 hours instead of immediately, great perspective], you write up an assessment of the problems to be solved [most of them of an as-yet-unknown or even unidentified nature], nobody reads it or reacts on it, marketing makes fun of you because you seem to pressure your coworkers for no good reason, at date X-2 you get told that you should have "informed" people beforehand that there actually were problems (you don't say?) and that your assessment is anyway worthless because there is no precise planning in it, just about thirty blocking points of which two have recently switched to "green". Come again? THIS IS CLOWN INDUSTRY.
Tuesday 28th February 2012 07:06 GMT Ammaross Danan
Re: IT security staff?
Yep. The whole article can be summed up with this paragraph from it:
Management may also be the problem, not the IT worker. "As an experiment," Corman said, "explain to your children what it is you're trying to explain to your chief security officer. If they get it and he doesn't, then the problem isn't with you."
In my position, I work in tandem with an actual knowledgable CIO, and surprise surprise, we accomplish our goals and get the job done.
Tuesday 28th February 2012 13:09 GMT peter 45
Re: Re: IT security staff?
"As an experiment," Corman said, "explain to your children what it is you're trying to explain to your chief security officer. If they get it and he doesn't, then the problem isn't with you."
Just done that with my wife (not saying she has the intelligence of my children. She is intelligent, just not an expert or even working in the field).
When she says 'that makes no sense', I know it is not my inability to make my blithering idiot of a security officer see beyond the statement 'its the rule' to see why the rule exists and when 'the rule' might not cope for specific circumstances or new information.
Tuesday 28th February 2012 18:42 GMT Kevin 6
Re: Re: IT security staff?
Pretty much every place I worked where I was under a ton of stress management was the sole issue. Trying to explain ANYTHING to them was like talking to a damn brick wall.
I've only had one good manager in the years I worked in IT, which I had to quit do to almost losing my damn mind dealing with numpty headed management. If he didn't understand an issue in 20 words or less he would give us the benefit of the doubt to do what we needed to get the job done. All he cared about was our ticket turnaround speed, and when there were no real issues he could care less what we did which usually was doing whacky things like experimenting with micro controllers, seeing what we could recycle broken parts into, or pulling pranks on each other.
His boss didn't like the lack of detailed paperwork we weren't submitting, and how we were sometimes goofing off so the head boss got rid of the best boss I've ever had, and replaced him with a person that's understanding of computers was limited to being able to turn them on, and they made working there a living hell (seriously 2 years I worked there we had 3 people quit total till new boss, after new boss we had a 95% turnover rate every 3-4 months)...
Wednesday 29th February 2012 08:12 GMT Vic
Re: Re: Re: IT security staff?
> I've only had one good manager in the years I worked in IT
I though I had the worlds best manager at one point.
He sat in his corner of the office, apparently doing nothing. But the entire team knew *exactly* what was going on all the time. Light touch management at its very best...
Then he got his own office, and it dawned on us that the reason we'd known what was going on was that we could hear all his phone calls. It turns out he was just sat in the corner doing nothing all along...
Tuesday 28th February 2012 09:17 GMT Dare to Think
Any IT staff?
Made similar experiences. There are wrong perceptions in the industry that we get first class quality IT service by deploying ISO9001, project management for everything the techie is laying his hands on and ITIL . More often than not, ISO9001 turns out that we have now meticulously documented that we are doing $h1te, techies have the pleasure to write the project plans for the project managers and ISO20000/ITIL is an exercise in spending hours filling in BMC Remedy forms. And only after that the IT guy is allowed to do actual productive work, like training up the people from the outsourcing company who will take his job.
It is just that ISO9001 and in large parts ITIL was never meant to be a writing-essays-exercise, the idea was to create a knowledge database, a configuration management system, develop in-house technological excellence.
ITIL advocates very much a long term view of service strategy, design, transition, operation and - most importantly - continuous service improvement - and not pleasing the short term quarterly profit report to some stock exchange.
The PRINCE2 project management methodology lives by the rule "management by exception", which means skunk works, don't let anything interfere with the creativity of the IT guy.
History proves that companies that have taken a long term view and developed and kept their knowledge in-house succeeded most in long term: e.g. Toyota, and Google. This may also be the reason why we see somewhat an insourcing drive in recent years.
Tuesday 28th February 2012 01:00 GMT Onid
Finally someone seeing it formally at last. 3-4 years ago I upped sticks walked out of the company I was in employ with due to useless managers that tried to pin something on me. I had already started an ecommerce venture for my wife which now is sustaining us both. I've been offered work (even from the same people I walked out on) but now just tell them to eff-off.. I'm sure I could do better but I like our little shop and there's no one on our backs - just chasing suppliers heh..
Several people were in same boat - walked out and refused to have anything to do with them any more...
Work in a company me? no thanks ...
Tuesday 28th February 2012 01:16 GMT Anonymous Coward
Tuesday 28th February 2012 01:29 GMT Denarius
Tuesday 28th February 2012 01:55 GMT Meph
Re: stress, cynicism ?
Not so much mandatory attributes as a healthy survival mechanism. Show me anyone who has worked in IT for more than a year without learning the ability to externalise their frustration.
As for coping with PHB's? I shall continue with the military metaphor adopted by the article's author. I upgraded from frontline trooper to special forces. Now instead of being in the trenches with my superior officer, I'm about 400km away behind "enemy lines".
Tuesday 28th February 2012 07:25 GMT Anonymous Coward
Tuesday 28th February 2012 08:52 GMT Arrrggghh-otron
Re: Re: stress, cynicism ?
No, that's not cynicism, it just feeds your cynicism.
I sometimes wonder if I'm speaking a foreign language or if I have developed expressive aphasia when I ask a user to do something in simple plain English and they stare blankly at you or just carry on as if you weren't there.
Tuesday 28th February 2012 01:48 GMT Orv
Tuesday 28th February 2012 02:33 GMT Captain Save-a-ho
Re: Replaceable cogs
The sad truth is that people are (and have to be) replaceable to a degree. The pain is greater with people at the higher end of the scale, but in general, they don't see that pain represented anywhere specific. And they make the HUGE mistake to bring in contract labor to fill voids or complete projects.
So, if you can't beat em? Join em. That's why independent contracting will pay for my retirement at some point not too far down the road. May not be so straight forward on the other side of the pond, but us Yanks don't have too many hoops to hop through and all the extraneous, political bullshit stops being important.
This post has been deleted by its author
Tuesday 28th February 2012 01:56 GMT Notas Badoff
I watched this farce
Company says oooo, let's do a survey of workloads and right-size down to just the number of people required to accomplish the tasks for what we've got now. Done, and... (About 99% of y'all know what coming next).
CEO cheerfully announces the synergies and what-all from the forthcoming merger (takeover) with *two* other companies. And no, neither of them had the staff to do their own workloads.
Pairing up people? Hah! Just let us have +1 or +2 people so we can rotate through the mental facilities!
Tuesday 28th February 2012 02:15 GMT Arctic fox
Tuesday 28th February 2012 02:43 GMT Anonymous Coward
so hands up who has been sick, physically with stress just before a job... Yep, done that. Lone wolfs? Lone hamsters more like running in our wheels as fast as we can go, no support to us, manager just want updates and to know when its fixed. Every job I do on my own. It doesnt matter if I drive 5hrs to site, im not important enough to get a helpdesk type engineer to 'no shut' the other end remotely. thanks. Reports are demanded, no time to do them, its all overtime after 12 hr days. But health and safety thats so important to the company.........
Tuesday 28th February 2012 07:24 GMT Anonymous Coward
Tuesday 28th February 2012 10:12 GMT Anonymous Coward
Re: networkers too.....
I used to stress out about work, right up until the point where I realised that the way I feel is my responsability and depends on my choices. So now when I get a demand from the business that I know is unreasonable, I reply "sure I can do that, I'll put it in my queue 3 months from now" or "sure, I can do that, but I'll need to drop some other project I'm doing for XXX, so you go discuss with him and work out the priorities, and then get back to me". I never say outright "no", I just make sure they know what the cost of what they are asking is, in terms of time and/or the deals they have to cut with other colleagues as to who has access to my time as a resource.
End result, the business users who are too demanding end up arguing with other business users about whose project is more important and I'm left alone to do my stuff. Most days I'm in the office 9-6, taking an hour off for lunch, I almost never look at my emails away from work or answer work calls outside of working hours. Stress levels are almost non-existant for me now.
And if I need any 'external' stress-relief, I count the occasional drink and joint as USE not abuse
Tuesday 28th February 2012 03:26 GMT Wombling_Free
It's not just IT. Mid-level technical professionals everywhere are getting screwed.
... try architecture.
Like IT its only the guys at the very top who wear fancy glass & black skivvies; the rest of us are the untermenschen. Overtime? What's that? You give up your family / hobbies / life for the JOY OF CREATING ART (yah, right) while your black-skivvy wearing boss gets the credit, the magazine interviews, the cars and the bottles of scotch at Xmas.
Oh, and you attended uni for 6 years, took another 2-3 for registration; you aren't much good for anything else by then.
Hobo; because we are going to be there soon, I fear.
Tuesday 28th February 2012 04:30 GMT Rombizio
We should all strike
It is unbelievable how thankless is the IT profession nowadays. We ran all the shit they have. We can render useless every single company in this planet by simply not moving as fast as we usually do, and yet, many employers don't appreciate the hard work we put on their companies. Let's pull the plug, crush enemies and hear the lamentation of the women!
A huge strike all around the world. 24 hours without IT professionals in any areas, in any countries and the world will crumble like a castle of cards. We can ask for a 3000% raise next day and 6 months vacation and they will say: "Thank you for showing mercy IT DUDE!"
And someone please bring the Jack Daniels.
Tuesday 28th February 2012 07:25 GMT gollux
Re: We should all strike
The Wally method, if you can't take a vacation because the PHB has you overbooked, take an in-office vacation. There's all sorts of make-busy and twiddle-fidget that needs to be caught up on anyway, and it can be explained that if the lighter tasks don't get done, the system will go down in flames eventually.
Just remember, the best way to destroy a PHB is to give them what they want, not what they need. Makes them look proactive and allows you to do a bit of Jeeze who'da thunk it while thinking over the previous decades when you were young and altruistic and had to fight tooth and nail to get things done right. Give in and let it rot, then explain afterwards how it should have been done, but now will cost more because of the heap of fail that's built up.
No you can't run that remote office VPN link to provision 5 voip phones, 5 computers and a printer using two Netgear routers you picked up at Office Depot and a DSL connection sqeezed out of Qwest's behind on the spur of the moment. It's sure been an interesting six months trying to keep it going hasn't it? But that's what thinking outside the box gets you. Now lets start thinking inside the box and build the connection using equipment and data services that real companies discovered and have been successfully using for a decade or more.
Tuesday 28th February 2012 14:51 GMT perlcat
We used to call that:
Zombie PTO (Paid Time Off).
When you're out of days off, because you get 5 days a year that can be used for sick or vacation, and so you just sit there at your desk, zombified until you feel better.
I work at a better place now. I get 15 days off for either. With time off for good behavior, I should be done with my sentence in about 8 years. Thank goodness el Reg passes for IT news, so I can code this time to education. Bless your hearts and all your other vital organs, Reg staff.
Tuesday 28th February 2012 05:12 GMT Anonymous Dutch Coward
Regardless of the actual situation, I think there might very well be a huge bias in the way the research was performed.
Small sample size: touched on in the article.
Lack of comparison with other industries or comparison with earlier surveys - i.e. in order to analyse trends (ok, it's the first run, so I understand why that happens): is the % quoted typical or not?
There's a slight ego boost in saying: "Yes, I'm overworked, my boss doesn't appreciate me, I have to solve everything myself, yadda, yadda, yadda"... so could there be a tiny chance that the results may... let us say... slightly exaggerated?
Note: there might very well be such problems in IT (Security), and I haven't bothered to check the actual slides presented in the link (yes, flame me) but the article doesn't convince me the survey says anything.
Tuesday 28th February 2012 07:32 GMT Anonymous Coward
Re: Flawed method?
The method probably is flawed, but the results aren't. As others have said, these observations tend to apply to all people who spend their lives making sure that companies can maintain their operations (not just security). We put ourselves under great stress because we have to or because, being the pros that we are, we know it must be done and if no bugger else wants to sort it, we will.
It's like being a goalkeeper when you have a piss-poor defence in front of you. You spend 99% of the game under constant stress, get all the blame when you finally fail to stop one, and get to see the ponce of a striker get all the glory if he happens to tap one in at the other end.
Cynical? Moi? Damned right.
Tuesday 28th February 2012 09:02 GMT Anonymous Coward
Re: Flawed method?
Indeed flawed. 124? Not enough. Let's not forget that unhappy people tend to let the world know more about it than happy people if the world asks "who's happy and who's not" (because they're biased towards it).
See paragraph "Whether data are collected through face-to-face interviews, telephone interviews, or mail-in surveys, a high response rate is extremely important when results will be generalized to a larger population. The lower the response rate, the greater the sample bias. Fowler (1984), for example, warned that data from mail-in surveys with return rates of "20 or 30 percent, which are not uncommon for mail surveys that are not followed up effectively, usually look nothing at all like the sampled populations" (Fowler, 1984, p. 49). This is because "people who have a particular interest in the subject matter or the research itself are more likely to return mail questionnaires than those who are less interested" (p. 49). " (from http://psychology.ucdavis.edu/rainbow/html/fact_sample.html ).
This post has been deleted by a moderator
Tuesday 28th February 2012 07:13 GMT Anonymous Coward
Please hit me again
IT is a bit rubbish to work in for all the reasons in the article and posted here.
I stopped working full time for a company after just 11 months of being treated like i was worthless.
I was a trainee at the time, but giving training to new staff. I gave the company 4 weeks to change my job (and associated salary) or stop me giving training. Two weeks in i asked how it was going sorting out the 'head-count' and their response was more fluffing and err-ing, showing they clearly hadn't done anything and weren't planning on it.... so notice given.
12 years on and a career of contracting, all the staff i worked with back then have gradually been out sourced or dropped entirely.
No-one will look after you out there so look after yourself, know your worth and let the muppet employers find out just how bad and expensive that contract is with those oh so cheap off-shore resources.
And don't get me started on those people who want [a clone of a very complex / successful mobile app] for 200 bucks. Go pay your 200 bucks and see what it buys you.
Tuesday 28th February 2012 07:23 GMT Guz
Again it's not just IT Security folks.
They need to widen the field a bit more. I'm currently ex-IT (systems administrator), total burn out. It's because of work stress I was forced to seek psychiatric care, but unfortunately only after I walked out 5 years ago.
The problem is I really do like working on computer systems, I find it very enjoyable, challenging, and rewarding. It's all the other crap that goes with it, PHB's, unrealistic time tables, on call 24x7 (yea they say it's only X days, but it's really 24x7), and all the other shit that goes with it.
I still remember chatting with an ER doctor one night (don't ask how or why), we were comparing work hour, work load, stress, etc. Seriously, we both concluded he had better working conditions than I did.
Tuesday 28th February 2012 07:25 GMT BrendHart
It would be interesting to see a similar survey on software developers. This certainly describes me. Every year we seem to get the speech that goes along the lines of : "Whatever was good enough last year isn't going to be good enough this year."
Salaries aren't keeping up with inflation. Bosses are under more pressure to do more with less so they get more antagonistic with staff and every mistake is dragged out and flogged to death while the directors take home bigger and bigger bonuses.
Tuesday 28th February 2012 14:58 GMT perlcat
Re: us stressed?
...and I like the bonus game. You know the one -- where, as a member of the company stock option plan, you see the reports and know things are doing great (as in: BEST YEAR EVER), and then your PHB comes to you and tells you how it was a "bad year" last year, and so no bonus for _you_. Then he proceeds to drive off in a new Lexus SUV he paid for with cash during what used to be bonus week.
My revenge is subtle and it is sweet. Every day, arrive at work ten minutes after PHB, with an oil can. Every day, there is a spreading slick of oil/brake fluid/transmission fluid/coolant under said new Lexus. What? Moi? I know nothing of this. Possibly you need to take it to the shop again.
Tuesday 28th February 2012 07:28 GMT Anonymous Coward
What do you expect
You're dealing with a situation where someone who understands the implications of unauthorised access to a sensitive works computer system, the wrong file permissions/policies, and everything else, has to deal with a load of clock-watching office bods who just want to talk about The X-Factor, can't see how anyone could guess their easy-to-remember passowrd of 'password', openly shout out it to colleagues across the office so that the other person can copy a file because it's easier than themselves doing several clicks, bring viruses in to work on their laptops and phones... and then when the IT staffer is trying to deal with the effects of all these people, some middle aged manager who proudly boasts he knows his way around a DOS system like the back of his hand yet can't even work Sky+ comes in to say that they'd like the company to switch to Spybot and C-Cleaner because their 12 year old son read on Digital Spy that they're free and much better than 'that weird AV shit I never heard of before' we currently pay a fortune for.
And while you're at it, Claire in Human Resources would like to know why our Intranet isn't working on her iPad, which she uses from the same desk where her company desktop lays, running IE6. Oh, and can you order another box of CD-Rs because the head of accounts has to regularly take files home to work on his home PC (especially since we had to block his VPN access after "you smell" and "One Direction suck!" kept being emailed to everyone in his contacts list for some strange reason), so obviously goes through CDs very quickly.
It's literally enough to turn a highly strung person mad. Which is what most computer-savvy people are.
Imagine a doctor caught inbetween patients who want to smear their own wounds with dog shit dipped in fungus, and managers who want to replace X-Ray machines with digital cameras because the photos from their family Christmas dinner were truly stunning.
Actually don't imagine it... live it on the NHS!
Tuesday 28th February 2012 07:44 GMT Anonymous Coward
Tuesday 28th February 2012 08:36 GMT xyz
I see it from both sides of the fence...IT and business and trust me you're as bad as each other. Currently, I've got to sort out a business going ape due to a bunch of cardigan wearing, biscuit munchers in IT support who I would happily "off" or bung into "Special Projects" and get some proper grafters in. There's a bunch of wack developers who think about their CV before starting every new project, or a project is completed when they've finished honing their C# skills or whatever groovy tech is the dish of the day (so insert EF, MongoDB, MEF etc) and who don't care about security because it's not cool (read: don't understand it).
I've a business, who see what they can do at home and can't understand why they can't do it at work. (work here means updating their facebook status) and so many layers of cardigan wearing, buscuit munching management that it takes years to do anything.
Luckily I'm a contractor, which means shedloads of money and the ability to go "f*ck that" when you know you are pissing in the wind. IMHO, the problem is that most people are so lazy, so department bound and so scared of redundency, that they'll spend all their time trying not to do something rather than just ****ing doing it in the first place. You deserve each other.
Tuesday 28th February 2012 15:14 GMT perlcat
Gotta do something about that hostility.
Remember, there are universal constants everywhere. There are two universal constants at work: politics and bullshit, which can transmutate from one form to the other. They are measured in amperes -- and on a given day, there are at least 20 amps of bullshit running through the corridors of any business in order for it to operate. Where I work, it usually runs at about 60 amps -- but right now, a temporary surge of BS has it up to about 80 amps.
Best you can hope for is to get a golf-obsessed boss who ignores his staff so they can get things done. Their lack of presence is something I highly prize and encourage, and will do whatever I can to get him/her promoted. The singe worst thing you can get is a Type "A" go-getter -- and the best way to get rid of them is to do whatever they ask right up until they paint themselves into a corner -- but don't wait if you can post out to work for the aforementioned golfer. Who knows for whom the ax falls; sometimes it falls for thee.
Tuesday 28th February 2012 08:44 GMT Anonymous Coward
Nah all lies....
...my jobs a piece of piss, well if you ignore the lazy users, the impossibe workloads, the 300% reduction in staff, the 500% increase in work, the shorter SLA's, the more complex tasks, the tighter intergration with other departments, dealing with directors and manager who have no idea what they want but they want it, the 24/7 on call (well that's what they think the are getting), the "can you do it out of hours becuase we are busy" syndrome, the eating at you desk, the "oh while your here" attitude, the "phone him up instead of contacting the helpdesk" attitude.
Yup piece of piss.
Thank god for forums to vent out on.
Tuesday 28th February 2012 09:05 GMT Anonymous Coward
How many current high level managers "started out" in IT?
I suspect its not many, so the lack of understanding and awareness is driven from the top.
How many "successful" managers, driving big cars see the value of strong passwords or lean OS?
The old guard will die out and hopefully with them the tendency to tape post-it-note passwords to the screen.
Move on, move up and when you are a manager and faced with something you don't see the value of get current advice.
Remember unlike many previous professions it is not possible to have "Learnt IT" there is no final chapter, just a constant changing ecosystem with advantage and risk.
Much of the stress comes from the IT world having been wedged into the inflexible existing architecture of businesses, if a boss is "Crap at IT" we should be free to flag that, the stress is trying to make IT work like something the dinosaurs can drive.
Heuristics over hubris.
Tuesday 28th February 2012 10:08 GMT Sean Timarco Baggaley
There's an obvious problem with this statement:
'Management may also be the problem, not the IT worker. "As an experiment," Corman said, "explain to your children what it is you're trying to explain to your chief security officer. If they get it and he doesn't, then the problem isn't with you."'
Children are wired for learning. They're learning new things from birth.
50-year-old golfing granddads who work to live? Not so much. 30 years ago, when those managers were still young, fresh of face, and naïve, a "computer network" was expensive and difficult. Most PCs were standalone machines and sharing a file involved throwing floppy disks around.
The problem is that learning requires energy: if a new IT paradigm comes in, you have to literally unlearn all the old, outmoded stuff, and that means tearing down your old mental models of how shit works and rebuilding them from scratch. The younger you are, the easier that is as your mental models aren't going to have as much detail and dependencies on other mental models.
It doesn't help that our education systems are designed to train children for tasks that are often obsolete before they've even left college. We need to teach them to learn throughout their lives. To be prepared to keep up with whatever life throws at them. Life-long learning needs to be hammered into children from the beginning; we should be teaching them how to learn, not merely what to learn.
Even so, as we age, the energy we expend on the learning process will reach a point of diminishing returns and there will come a point when we're simply not willing to invest the time and energy needed to rebuild a particularly complex foundational mental model due to all the knock-on effects it would have. This is why people tend to become more conservative with age. Change becomes something to be feared; instead of trying to keep up, we'd rather slow everyone else down.
Worryingly, our population is ageing.
Tuesday 28th February 2012 10:56 GMT Anonymous Coward
Re: There's an obvious problem with this statement:
Yeah, but: Youth can learn things from their elders as well. There is a general attitude amongst junior IT guys to steam in and get it sorted, rather than standing back, thinking about it for a bit and going in with a targeted solution to a problem. Older guys have seen what can go wrong when you ignore change control, for example, whereas many junior guys haven't seen that spectacular outage caused by editing one line of a network configuration file on an innocuous server in an obscure, forgotten computer room.
Tuesday 28th February 2012 11:19 GMT Jay 2
Re: Re: There's an obvious problem with this statement:
Amen! At my first job the sysadmin department was basically run by some contractors and quite a few graduate age permies (of which I was one). It was very much a JFDI place, us doing what we wanted and (almost) damn the consequesnces as we'd be off to the pub.
Looking back on it now we wonder how on earth we ever got anything done, didn't screw everything up and got away with it. Still it provided a great benchmark in my mind of "how not to do things".
Tuesday 28th February 2012 11:21 GMT Hooksie
Re: Re: There's an obvious problem with this statement:
You're absolutely right my Anonymous friend, but it's getting the balance right between that and having to fill out a change control, get sign off from 3 managers who don't know or understand what you're doing anyway and a 48 hr cooling off period before you can go swap a duff hard drive. There are certain things that we as IT professionals should be trusted to get on with but the management always like to say that they take the risk so they make the decision. I just think that if you can't understand the risk then you can't take responsibility for it. We've all had that brown trousers moment. For me it was 1 line of code on a linux box that wiped out a whole service for 3 hours (deleted some files by mistake) but there have also been COUNTLESS times that I've saved the company a fortune by having a well thought out and technical solution to an otherwise seemingly insurmountable problem.
Management need to pay us what we're worth and listen to what we have to say. That shouldn't be too much to ask.
Tuesday 28th February 2012 10:30 GMT liquidphantom
Not just IT security staff
Software testing can be hellish too, your stuck in the middle of a Customers , Management , Bean counters, and software devs. None of these parties understand or give a rats ass about testing or want to know about the results, until it all goes t*ts up and your left fending off a deluge of questions as to why it's gone wrong, but when things do go right every one else pats each other on the back.
So spare a thought for those of us that got lured onto the rocks of a testing career only to have our hopes, dreams, sanity and enthusiasm for life dashed on the rocks.
Tuesday 28th February 2012 11:15 GMT The BigYin
New staff (i.e. grads) are cheaper than existing staff.
So let them burn-out and simply hire new meat for the grinder.
This works are all staff, in all disciplines, in all sectors.
This doe not apply to any level of executive management who have to shoulder real stress and carry real risks. This is why they deserve their salaries, bonuses etc.
Now stop reading this post and get back to work!
Tuesday 28th February 2012 11:45 GMT Triggerfish
The problem with IT.
If you are standing around looking calm, everythings running welll, the managers perception why is he employing someone with so much time on their hands to do nothing.
If you're running around busy, then someone has a complaint somewhere (which they are letting everyone know about) you are responding to. The managers perception why are we employing someone who is not doing there job properly.
This post has been deleted by its author
Tuesday 28th February 2012 13:12 GMT CD001
25 you say...
I'm happy to go overboard to get things done and properly as that's my nature.
Oh that'll wear off given enough impossible deadlines by people who see no benefit in building security in from the offset, unit testing, good design (particularly databases) nor documentation... you'll end up kludging shit together to hit the impossible deadline hoping for the day that you'll have enough time to revisit it and iron out the glitches, optimise, streamline and generally improve the whole thing...
... of course that day never, ever comes.
Tuesday 28th February 2012 13:21 GMT Anonymous Coward
Re: 25 you say...
Maybe not enough in the industry put their foot down to tell the managers the realism of their huge projects and support infrastructure.
Unfortunately, most of it either gets:
a) ignored (in one ear-out the other)
b) blamed for not pulling your weight
c) gets overridden by others want their star project down and you're trying to break down a fragile working week across the lot.
I've been supporting kludged kit since day one at my current job. Dell servers now out of warranty and due to epically fail/explode and trying to judge the next OS onto aging systems just because it's urgent and they're lacking behind customers.
Tuesday 28th February 2012 17:15 GMT Inachu
Re: The problem with IT.
Here is where I take issue with your statement.
Ok at this bank years ago there was this network guy ok? Our network was crappy.
He was running around fixing this left and right running around like a chicken with his head cut off and looking busy. We had it with him as the days goes by the network got worse.
So he was fired and replaced him with a VERY VERY competent network engineer.
As the days went by the network got better and better and soon no more issues and he relaxed readign into gettign more certification for his job field. This new network guys was truly the best I have ever seen! So a new manager was hired at teh bank and he saw the guy reading everyday and the new manager was not even his manager and THAT manager got him fired.
So I got so angry being a witness to this that I got the manager fired for firing such an awsome networking guy.
So to all you networking guys out there just remember I got revenge for you! So tonight go drink a beer in memory what I did for you guys,
Tuesday 28th February 2012 11:57 GMT Anonymous Coward
Tuesday 28th February 2012 12:45 GMT Doug Glass
As I was told for over 20 years ....
... in the corporate world, if you don't like being paid for what you're doing, leave and find another job. Then for the last 12 years that's what I told people.
Nobody put a shotgun to anybody's head to make them work. Yeah, yeah ... grow and get with the program or leave if you can't do the work or feel your inner baby is being mistreated.
Tuesday 28th February 2012 12:50 GMT the-it-slayer
Thursday 1st March 2012 08:28 GMT SpottedCow
Re: As I was told for over 20 years ....
Here's my question --did you actually tell people when they did a good job too?
If you balanced your "kwitcherbitchin" with "Good Job" when it was deserved, good on you. If all you ever said was what you said above, then in my book, you're a lousy boss.
By the way, along the way, I've learned there's a big difference between a "boss" and a "leader". You work for a boss because you have to. You work for a leader because you want to. And when employees want to (as opposed have to), the quality of work is often superior.
Tuesday 28th February 2012 12:49 GMT Anonymous Coward
Lack oif Management
Unfortunately most UK managers (operational and IT) have no training in leadership and management.
The basics are simple, it's Team - Task - Individual. You can not be productive unless you do all 3. Most UK managers focus on Task, some go as far as Team, but only a few work out that the team is based on Individuals.
Example of middle management stupidity;
One of my team got called to say both his parents where in A&E following a serious road accident. This should be a no-brainer, tell him to go, give me a call mid-week, to see how things are going, I don't expect you back before Friday.
The grief, shit and aggrivation I had to go through to get compassionate leave for him was as horendous as it was stupid.
1. The leave would show that the organisation cared for and valued it's staff, making recruitment and retention a lot easier (especially when your primary vendor is up the road and paying 50%+ more money)
2. I really didn't want him working on systems that kept the place running when his brain was going to be going over more important issues (see the original Murphy rules)
3. Poor treatment of a colleague in this situation was not just noted by my team, it was noted by all the teams that reported to my boss, and perculated through the wider business comunity that we supported, being corrosive to staff morale and commitment
Tuesday 28th February 2012 12:50 GMT Anonymous Coward
Tuesday 28th February 2012 15:06 GMT Anonymous Coward
Re: Military IT
I don't think so. These people will feel comfortable in their ignorance instead of thinking about what is improperly done. Then they run over harddisks with tanks or reformat a full intelligence disk array, if the backup system is throwing errors. Or they copy gigabytes of intel and post it on the intarwebs. All real situations; I did not make this up.
I guess their attitude is much more relaxed - in the great scheme of things it does not matter if you send 50 TB into nirvana for good.
Tuesday 28th February 2012 15:33 GMT Anonymous Coward
Re: Military IT
Two points about military users of IT;
1. Ignorance is bliss (or use to be), as new tech was handed out with no real training.
2. If you do a job, where even if you do everything right, you and the people you are responsible for can still end up dead, it does put into perspective the failure to meet the SLA on a system that will inconvieance people, but not kill them.
That said, a supply system that can't get the right kit to the right place at the right time, and tell the bloke on the ground where it is, does come under the heading of potentially lethal, as opposed to lost profit, poor cashflow, and short-time working for the factory floor.
Tuesday 28th February 2012 12:58 GMT despairing citizen
Can I fire senior managers?
every time I hear one saying "I don't do IT", and think it's a good thing.
Well as an IT manager I don't like doing the bean counting (budget management), but I damn well learned to do it to the corporate standards, and operate within the rules the CFO and auditors lay down.
Given the organisation would die quicker if it's IT is screwed up than if it's accounts are screwed up, which is more important, and would the senior manager still have a job, if he turned round to the CFO and Head of Audit and said "I don't do budgets".
Tuesday 28th February 2012 13:17 GMT riparian zone
so, no one seems to disagree, only point and wave at smaples...
I did nearly 3 years in a front line support role which nearly broke my mind...I came to the conclusion (after getting it put right) that managers are generally managers through being good at their own jobs, not necessarily being a good manager (or having IT skills). The whole learning shebang, yup, I'd agree about the process of learning, but whilst adult learning is still about pedagogy (leading children) there will be an ongoing issue...and yes we are all getting older, and business is using IT to reduce people input, but people make decisions - I know why the Unabomber wanted to destroy all computers. So be nicer to your IT guys people who *believe* in gnomes in the box making it all happen, because they SHOULD get off their collective arses and join a union, get their rights collectively. You contractors have it sorted.
Wednesday 29th February 2012 08:36 GMT Vic
Re: so, no one seems to disagree, only point and wave at smaples...
> managers are generally managers through being good at their own jobs
It's called the Peter Principle; everyone rising to his own level of incompetence.
If someone is good at his job, he is promoted. Often, that means changing job.
Once that someone is no longer any good at his job (because it's not the job he applied for), he ceases to be promoted, and is stuck there.
Tuesday 28th February 2012 13:19 GMT Anonymous Coward
How many pointless meetings have you been to today?
I used to enjoy this profession but it is now just running round in circles doing the same old shit and holding the same shit together with bits of shit covered binder twine - new string is too expensive!
At least I have an escape plan for later this year and it isn't dependent on Mr Camalot either.
AC for obvious reasons.
This post has been deleted by its author
Tuesday 28th February 2012 14:14 GMT Anonymous Coward
Tuesday 28th February 2012 14:33 GMT Anonymous Coward
Tuesday 28th February 2012 14:38 GMT Anonymous Coward
HSBC IT anyone?
I used to work for HSBC in IT.
Management by objectives sounds good, and would be were it not for the requirement that at year end 10% of staff must be identified as "not achieving objectives" (so no pay rise) and 1% as "failing" (a step on the way to being fired). Inevitably managers game the system in order to deliver on those targets.
They identify individuals at the start of the year whom they intend to be brand as failures. The catch 22 is that as the year progresses at quarterly reviews the manager must identify to the individual in what respects they are failing and help them address the issues. If that process is a success the manager can't target a different individual as a fail because there will be no opportunity to warn them so they can address any problems. One guy, with many years of a successful career became a fail because one of his kids became seriously ill. His dad died, his wife's mum died. The family was in a non fatal car crash. The psychological effect of finding he was a fail, a long term "company man", the stereotypical "when told to jump would jump highest" became totally demoralised/embittered and leapt at the chance of voluntary redundancy.
I went on an HSBC IT project management course - first thing they said was "over 50% of IT projects fail".
We presented our case study to a senior manager who said the time frame had to be halved but resources specified would remain, no increase. He asked "How do you rate the prospects of success?" If your answer was less than 100% then you'd failed the course - even if the proposal had included some serious caveats and despite the halved time frame.
Transfer that approach to the real world and guess what: stressed out overworked demoralised staff and a 50% project failure rate.
The security angle? Corners must be cut. Can't cut visible function so skimp on stuff the business won't notice, like security. Make sure you've moved on before the brown stuff hits the fan.
Tuesday 28th February 2012 16:44 GMT perlcat
I see your problem, grasshopper.
Long ago, I worked for a manager where if you had an open-ended project with too many unknowns to give a realistic timeline, would hammer on you to give a timeline until you gave up in disgust and pulled a number out of your ass. He'd then hammer on you to cut that time in half(!) That's what passes for "wisdom" and "management" anymore. Now, when I pull a number out of my ass for jackasses like that, I multiply by 2**(number of PHB+1). (the +1 because every now and then they add in a layer of management just to add to the insanity.)
Works like a charm. In fact, I now use that for all my projects that get boss-scrutiny. They all look like a bunch of heroes to each other, and I don't have the same level of agony I did back when I was young and thought that I could make a difference.
This would have made your class project on time and on the money with reasonable confidence -- as long as they don't try to throw resources at the project in order to speed it up. However, the 'not increasing resources' business then works for you -- because you ask for funding for the extra resources (same formula, by the way), and get turned down to where you have what you need without the extra cooks spoiling the soup.
What do you mean, "cynical"?
If your HSBC people were honest, they would say "We design in a failure rate of 50% to all our IT projects because we're ignorant twits." In other words, taking their course will get you a 50% fail rate, and what I just told you for free will make 90% of your IT projects work. Who says that reading blogs isn't useful?
Tuesday 28th February 2012 14:54 GMT Fred Mbogo
Cynicism is natural
IT is a field where Cynicism is natural and a part of what makes it work.
Cynicism is a response intended to help assuage the mind from the contradictions that arise in the eternal battle between logos and praxis.
IT is a field where ideals/ideas/logos say how something should be done but reality/experience/praxis say how something will be done. You get judged by how it should have been done but get reamed if you do not get it done within the constraints that were put to you in which things were done.
I anticipate two possible futures for me as I work cleaning off the mess that results when logo is drunk and stumbling and praxis doesn't give a shit: either leave for greener pastures using talents that I don't know that I have or I start improving IT in the best way possible...THE BOFH WAY!
Tuesday 28th February 2012 17:15 GMT Helldesk Dogsbody
Re: Cynicism is natural
Sounds familiar. Ideas produced by people who're either completely out of their gourd or should be on medication that we have to pull out of our arses fully formed with no manpower, money or time allowed for. Small wonder that we see appropriately applied high voltage as the only way forwards!
Tuesday 28th February 2012 15:17 GMT Anonymous Coward
What Do All The Negative Comments Mean ?
A) The days of the glass datacenter and the stupid green terminal were better. Centralized admin, centralized maintenance, real experts, awe for the datacenter specialists.
B) Too many people in IT; they can be treated like $hit because they are easy to replace.
C) Too many companies do stuff they should better leave to a service company and the people doing it are overworked and not really competent. For example, companies should hire Managed Security businesses to protect their intranets. Google Docs instead of MS Office. Salesforce instead of inhouse SAP installations.
D) IT is in general too complicated and fails in byzantine ways. IT people too submissive in accepting one more technology to maintain.
E) IT people simply don't know how to fend for themselves.
Tuesday 28th February 2012 16:09 GMT the-it-slayer
Re: What Do All The Negative Comments Mean ?
"E) IT people simply don't know how to fend for themselves."
How can you fend for yourself when you're balancing projects, enquiries and other related stuff when you're balancing these like a clown doing a juggling ball act on a rolling platform?
Problem is that there are plenty of non-social IT people (can't communicate with a customer), plenty of laidback approachers (know how to B$ their way through a problem - doesn't truly solve), and not enough who can be geeky enough but be no so anti-social to talk to people to get the true realistic picture across without confusing the management souls at be.
Tuesday 28th February 2012 15:39 GMT earl grey
"spending too long at a company is seen by some employers as a sign that a staff member has reached their intellectual limits"
should have been
"spending too long at a company is seen by some employers as a sign that a staff member has reached their top pay grade and need to start over elsewhere for less."
Tuesday 28th February 2012 15:57 GMT John A Blackley
The report of the study seems to say very little about the kind of personalities attracted to high-stress IT jobs in the first place.
Can communicate with computers, cannot communicate with humans. Has a tendency to blame all ills on someone else (usually given the generic label 'management'). Breaks out in hives when asked to document or explain anything he or she is doing. Has an addictive personality that manifests itself in overuse of alcohol or illicit drugs. Has an inflated sense of own importance (manifested by frequent utterances of "Without me/us this dump would grind to a halt.")
Perhaps none of those people actually take IT jobs.
Tuesday 28th February 2012 16:01 GMT Fenton
Too many people are Semi IT literate
Half the problems stems from too many people think they know alot about computers, cos they built their own PC.
However they do not have a clue what the techies really do. Oh is just A:\install is the most common joke I hear from the guys in the business.
Then you tell them you have to set up 127 virtual servers. DR/HA half of them, do pen testing for the internet facing part,run stress/performance tests to proove the system meets the SLAs that have been plucked out of the air.
And all you get back is . "I only want SAP installed."
Business needs to get back to the point where they realise that quality IT costs money. It can't be done on the cheap.
I often see project plans (far too late in the process) that are so far fetched, and they don't even have dependencies on IT, it beggers belief.
Then you get the big strop when you add in the dependencies and the project goes RED.
I also find there are just not enough really experienced people around to hire. Most CVs I get are from the Gui generation, ask them what happens under the hood and they don't have a clue.
Tuesday 28th February 2012 16:29 GMT Anonymous Coward
The keyword is preparation
Preparing for what might inevitably happen someday. That can go a very long way and its been my experience that a lot of people don't take the time for this. This used used to include me too b.t.w...
For example, if you're in a stressful situation where 10+ customers mail you to report e-mail problems its usually better to try and come up with a scheme which answer ('addresses') their complaints (even if it is an automated response) than to think "ok, got it. just hang on, I'm working on it fast as I can!" because then you can rest assured that they'll eventually going to call you.
Which means that you have to pause your work, so it will take longer before things get fixed, so the risk that more customers are going to call in due to the time the problems last also increases.
I know this sounds all too easy and obvious, just wait until you actually live such a situation. Then its much more tempting to pick up the problems and go go go instead of taking some time first to look into the most efficient way to deal with the problem and its possible side effects (especially these!).
And as said; in my experience most people tend not to do this because "time is money". Yet investing time is sometimes the best way to save lots of it in the longer run.
Tuesday 28th February 2012 17:13 GMT AJames
Tuesday 28th February 2012 17:14 GMT Andus McCoatover
Cor, you think you've got problems..
OK, my current 'work experience' is to 1) design a video capture system (done), and 2) create an internal network to turn the old building into a cultural powerhouse, with an internal network, webserver, and several computers.
If I can't finish the task to the PHB's satisfaction, I could lose my dole for 90 "werkin daze'" As it's "work experience" I get an extra €9 per "werkin' day".
Now, I am to IT as a ballet-dancer is to hod-carrying. I'm a radio engineer, FFS.
Windows Server 2008 R2? Never played with it.
Anyway, I arrive duly every morning at 09:00 and struggle. Struggle? OK, the 'office' (OK, desk) is in an "Asukastupa" (Citizen's house) - a place in each subdistrict that anyone can go to, to use Internet, do sewing, take some strange course like "Psychic Writing", learn a language, eat cheap food, chat, etc. The area is populated by many immigrants. Somalians, mainly, who take advantage of the facilities. Great, that's what they're for! (asukastpa's, not somalians)
BUT, we have limited bandwidth.
So, when someone wants to watch their fave Arabic movie, I haven't a chance of getting a page on the internet. Boss is no help, spending most of his time in a remote "office" (=home). In fact, when he buys the Dell R510 - 2xquad-cores, 12 raid-6 disks he's been convinced to buy, I cannot imagine in the 2 months left I can work out how to deal ANYTHING about it. (God knows why he needs such computing power on the first shot...expand as you grow, surely?)
If I hit him over the head with the Dell, he wouldn't know that was the server I'm supposed to setup.
You guys earn reasonable money. I'm kept awake for the price of a couple of beers per night (werkin daze Only!)
Tuesday 28th February 2012 20:44 GMT perlcat
Re: Cor, you think you've got problems..
For the bandwidth thing, you need to set limits. Take a look at this as just one way to do on the cheap:
From there, you just need to tune it so that nobody gets to hog the pipe. Your movie watchers will adjust their behavior accordingly.
Tuesday 28th February 2012 22:38 GMT Anonymous Coward
Re: Cor, you think you've got problems..
You have to take your pay in kind then. When the new box comes, first stick some virtualisation software on it. Citrix or Proxmox. Then create many virtual machines on it, one of them would be where you store the Warez, another run a windows terminal server, e.t.c. Just don't give your babies obvious names.
All of your (and your friends) computing needs could be served by leeching on that box.
Wednesday 29th February 2012 21:52 GMT perlcat
Re: Re: Cor, you think you've got problems..
I think Andus' problem isn't a hot box on the far side of a very skinny pipe -- it's the skinny pipe.
That said, your idea has a lot of merit in a lot of places. No sense in letting bossly CPU cycles go to waste. It doesn't take that much CPU to operate a Freecell server.
Tuesday 28th February 2012 17:14 GMT nitsedy
Seen it. Fired people for it. On the other hand, at some point we need to realize that business units will always treat IT as a lowly service department within the company (like janitors) if IT lets them. "IT is an expense." "IT has to do what they're told." "IT has to be kept under control." "IT can be abused because they SERVE us."
If IT wants things to change then IT needs to speak up in the professional environment and make it clear that the abuse needs to end. The idea that everyone else is a professional and IT are the "geeks" and "nerds" who don't do anything "important" is a self-fulfilling prophecy unless IT stands up and demonstrates that they're a hell of a lot more important than the company is giving them credit for.
So, put down the beer. Toss the reefer. Put on a decent shirt. Quit feeling bad for yourself. Get up and make a professional stand.
Tuesday 28th February 2012 17:45 GMT Andus McCoatover
(The shirt doesn't matter that much, unless people are so stupid as to be judging you by your clothes, not by ability)
IDEA! If the head of IT has the same IT experience, why doesn't he/she take the ENTIRE IT department on a 'fact-finding mission' to...Seattle...moldovia...Finland, even....for a week on the understanding they can't take phones, nor read e-mails.
(Of course, the might return to find the entire department has been farmed out to an Indian helpdesk, but...)
Tuesday 28th February 2012 21:38 GMT Anonymous Coward
No, Shirts DO Matter
Business people/managers dress nicely exactly because dress matters. It is not a conspiracy to enrich department stores selling suits. It is the correct calculation that suits do indeed impress other people, whether they wear suits or not.
Suit-wearers are assumed to be more competent or more important than t-shirt wearers. They are much less easily being ridiculed or belittled. That is why many consultants come into office in a nice suit - some do it every day for the whole project.
Having said that, I am probably myself ignoring these insights too often, but I also have to say that I am normally treated quite well...
This post has been deleted by its author
Wednesday 29th February 2012 18:43 GMT Andus McCoatover
Re: No, Shirts DO Matter
Somebody should've told Steve Jobs about those "Shafts of Wit" (no, no, Dr. Spooner...Nooo!!)
It's cultural, of course. My boss (at one time head of a department at Nokia) would wear a t-shirt and jeans. I guess the reason was to ensure we were all in a team - but this was Finland. Can't imagine the same behaviour in, for example Germany, where to 'roll your sleeves up' is regarded as slovenly.
Friday 2nd March 2012 23:29 GMT Inachu
Tuesday 28th February 2012 19:04 GMT MissingSecurity
Wednesday 29th February 2012 00:43 GMT Boris the Cockroach
The IT staff are stressed out and cynical.
Hey welcome to the world of industrial robot programming where everything is wanted yesterday, fek all is planned, and the customers changes drawing issues/part deliveries at 5 second notice, then expect to get their bits 6 seconds later.
Couple that with enough robots for 8 programmers and only having 4 employed, and a manager whose main motivation technique is to run around flapping, then deny everyone a payrise because we've failed to hit profit targets this year, dispite turning over more work than we've ever done before.
Its common to nearly everywhere now because of the 'you can be outsourced' attitude from senior managers and customers resulting in lots of places not hiring enough skilled staff to do the work.
But hey ho, its easy to replace people with 5 yrs higher education and 10 yrs+ experience.... must be.... its what I get told every time I ask for a raise
BB... because the internal CCTV camera just switched on and is pointing in my direction
Wednesday 29th February 2012 03:41 GMT Henry Wertz 1
Thursday 1st March 2012 08:28 GMT SpottedCow
"Other professions know that this is a problem and have strategies to deal with it, but there's no recognition of this in IT," Daniel told The Register. "In part it's because we're a very young profession that's constantly changing."
Daniel is missing the point, with no disrespect intended on my part.
Management isn't just unaware (though that's sometimes the case). In many cases, management just doesn't care. Plenty of them don't identify with IT(just a bunch of geeks, probably have social development issues, we don't understand what they're saying so it's probably not important). Further, while most of us know that in IT, the best departments make things go so smoothly it seems easy, that means management assumes it IS easy, not that we're working hard so that it is for our user base. And when it comes to funding IT vs. funding their own salary, benefits, or pet projects, IT will always take a back seat, even though expectations will still be high no matter how little IT is given to build on.
When you don't feel listened to, trusted, or appreciated, the results are lousy. I just left a job where my director took most of the credit (though I'll acknowledge he was owed some), but never told the IT staff they were appreciated, only what they did wrong. He didn't have our backs when a user took it out on us unfairly, and was more interested in showing how much he cut from the budget to justify his salary, rather than ensuring his people got funds for training, or fair compensation, and he wasn't open to issues that took more than thirty seconds to explain, nor constructive criticism.
I'm paid a little less, and my position is a little more entry-level; but I'm now part of a team where we don't have time for politics, and everyone understands IT, so we all understand its value and the amount of work it takes.