We live in the  age of corporate compliance, complex system support, lawsuits, social media, and numerous security vulnerabilities that necessitate corporate IT environments remain locked down. For many years, cries have come from the user base to “free our systems so we can work as we want to work.” And for years, IT departments have resisted those cries.

I have had this discussion with friends, colleagues, employees, clients, and countless others over the years, and my core belief has never changed. IT environments must stay reasonably locked down. It protects the employees and the company from the evils in the wild and from the good intentioned but uninformed masses. Common sense and reason must rule every IT decision, but employees must also understand that not every request is reasonable when taken into consideration for the entire company.

Slate ran an article on this topic, and I love this quote, “Here’s why: The restrictions infantilize workers—they foster resentment, reduce morale, lock people into inefficient routines, and, worst of all, they kill our incentives to work productively.” The author, Farhad Manjoo, was riled against the controlling forces of the IT department. He touches on a few of the arguments for the IT restrictions, but I do not believe he has a true understanding of the implications. He also seems to think that all employees are “power users” and employees have lower job satisfaction because they are not running FireFox. I do not think either belief holds any value.

I am not going to trying and the make the point that all unmonitored employees will run amok, that is an unrealistic generalization. However, I have had some experience with clients in a totally open IT environment, and it taught me that the lack of automated controls increases management’s supervision burden. In one of the worst cases, I was requested to put in a Web filter by the CEO of a company because he was concerned about the amount of time being wasted each day on the Internet. We ran a report after a week of monitoring and found that the average sales department employee was browsing the Internet for four hours a day. They were not browsing competitor sites or industry information but pursuing personal interests. Obviously, there was a big shakeup in the department and the worst offenders were ousted.

In that particular case, the company set sales expectations based off of past performance, industry trends, marketing efforts, etc. and the basic assumption that employees were motivated and on task.  These employees were meeting sales expectations. However, just because they were meeting sales expectations, does that give them a license to waste half their day? If they were fully on task, could they have been beating their expectations by 50%? I have heard many times quoted that most industry groups estimate that employees waste on average 25% of their day on non-corporate Internet activities. For some companies in the software, Internet, and media business this makes sense but not for most other companies.

IT departments frequently hear in new software requests that the software is free. I am still amazed at the number of people who do not realize that software installed on their office computer may be licensed differently then when it is installed on their home computer. In an open IT environment the company would need to train all employees to read licensing agreements and know the difference licensing methodologies. What happens when the employee gets it wrong? Who pays the costs if the company is audited by the BSA and they find software license violations?

What about when employees have questions about one-off software applications? The IT department is “supposed” to know how to answer them. Is it even reasonable for the IT group to have that kind of collective knowledge about every application that can be downloaded from the Internet? Even if you doubled or tripled the IT budget, I am not sure the requirement could be met. In the end, IT would have to spend time and money researching how to use non-standard applications to support the user base. But the cry we hear is that the software is free so we should be able to use it. . .free software is not always free.

I was recently lamenting with a friend about a spat he got into over software compatibility. I honestly believe that many people think this is our way of blowing them off. A few years ago, we found particular printer software caused a conflict with our phone system software. When these two applications were loaded on the same computer, it corrupted the OS within a few days. At that time, we allowed employees to install printer software on their corporate laptops for use with while at home. About 25% of those employees had their computers reimaged multiple times. This amounted to a large loss in productivity and cost to the IT department. No one should expect the average employee to be aware of these issues, nor is it reasonable for a company to run continuous training sessions to keep everyone updated on these topics.

And of course, those crazy lawsuits keep popping up all the time. People find some of the strangest reasons to sue other people and their employers. One of the saving graces that companies use to defend themselves is “standard practice”. In any open IT environment, you do not have enforceable standard practices. I have seen some employees accuse their employers of singling them out for recreational web surfing, and not other employees, when confronted about their job performance. When employees are confronted about productivity issues, they tend to redirect the criticism into anything and everything else but themselves. It is sad, but the courts often agree with the employee in these cases if the company does not have policies and standard practices they follow.

I understand that some large corporations have rather open IT environments. When you peel back the onion a bit, you will find that the environment is not as open as most people believe. Filtering and active monitoring still take place and management will step in when needed.

I do think some of my IT brethren take it a bit far and lock down the environment to the point of reduced productivity. This issue is a trade-off between productivity and security. I am a cautious individual and lean towards security, but I am always open to suggestions from my user base. Viruses, spy ware, ad ware, and data mining are real threats and must be prevented. The vast majority of this “stuff” enters computers by the users own actions. Yes, IT must guard against these threats, and some freedom is part of that cost.

Some employees would “get” all the training IT would need to provide for a secure open IT environment to exist, but others would not and that would risk a data breach or worse. I could not justify it in my own mind much less sell it to management.

I do not always agree with employee suggestions, and I try to lay out exactly why I would not allow a particular application or process. Most people think this method is fair and reasonable. I want everyone to be as productive as possible but operate in an environment that is easily supported and that controls costs. I do not want the organization to face frivolous lawsuits or be compromised in any way.  Simply put, I want a stable secure environment that is always available to meet the needs and challenges of everyone. This is why the IT environment must remain reasonably locked down for the foreseeable future.