Reliable Systems

When a new hire starts with your company, what are you doing to set them up with technology to work with your organization?  You probably focus on making sure you set up their account, clean up a computer for them, and possibly set up a corporate cell phone or Blackberry.  You might also do some quick training with them so they can log in to their computer, get email, and access the Internet.  This is all pretty obvious and fits within normal tickets your IT organization handles every day.

Now step back for a minute and look at it from the employee’s perspective.  When someone needs access to IT resources within your company, there are really three interests you have:

1. Access: People need equipment, software, accounts, and access to IT support.  This is the basic block & tackling that you are handling now.
2. Effective: The tools you provide need to deliver on the business needs the user has.  Whatever’s in the way of that – defective equipment, user training, or suitability to task needs to be addressed.  The best computer with the right software in the hands of a user that doesn’t know how to use them is worthless.
3. Security: Access to your network means access to all of the data and work products within it.  You need people to understand how you approach security, what they are and aren’t allowed to do, and how you’re going to work with them to maintain security.

Setting the Stage

Employees often develop a personal and possessive feeling about the equipment provided to them by a company.  They think of it has their computer, just like they have a computer at home.  This creates a range of problems for your organization by extension:  If it’s their computer then when there’s a problem they’ll want their computer fixed, not a different computer that’s suitable.   They’ll come to regard problems personally, not objectively.

Instead, you want users to look at the equipment they’re provided to do their jobs as just that – tools that enable them to be more effective.  Stepping back into the big picture, a computer isn’t any different than a wrench or a filing cabinet.  It isn’t their computer or phone, it’s the company’s – designed to make them effective at producing whatever the company needs.   When your user community gets this, they’ll self censor their support requirements:  Watching a DVD movie on the company laptop won’t feel support-worthy.

The best time to establish this is to set the right expectations up front:  Have this conversation before the user gets their network account.  The goal is to make sure they understand that:

• You’re committed to their success.  You’re passionate about making sure they’re effective.  You have a support system designed to make sure that their issues get resolved quickly, and you have provisions for support off hours and when they’re on the road.  If they aren’t sure if you can or should help with an item, you want them to engage you anyway – You’ll let them know.
• The technology is there to make them effective at their job. Your job (IT) is to make sure that they are as effective as possible at that.
• They are responsible for their effectiveness. If they need something – training, repair, whatever – it’s their responsibility to get it, and they can get it.
• They are responsible for their user account. Anything anyone does with that account is their responsibility.   That means if someone figures out their password, or they leave their computer unlocked, or otherwise treat their user account with less than the respect it deserves then they are going to be held responsible by the company for that.

Support Your Local Sheriff!

It’s painful to hear on Monday that a user was trying to get something important done and couldn’t due to a simple issue you could have resolved.  Perhaps they knew they could have contacted you for support – but didn’t for whatever reason.  What users will remember is that they had a problem, and it kept them from getting things done.  All of the work you do to support users – special on call staff, phone numbers, email contact, whatever – didn’t work because they never got called upon.

To address this, you want to address as many of the human factors that keep people from calling on support as you can.

1. Make sure you’re always available: The cost of setting up a toll-free number for users to contact support is trivial.  If you don’t already have an on-call rotation, set one up and make sure there’s someone to answer that toll-free number at all times.  The same person can answer an email address designed for support.
2. Make sure they know all the ways: In the past, we’ve published business cards with the 800# for support and email address, and we put these cards everywhere:  In laptop bags, in a card holder at the front desk, anywhere that we could think of so that there’d be one around when a user needed to know how to contact support.
3. Talk to users about it: Be cheery.  Make sure they know that you personally are driven to make sure they’re successful, and you look at it as an honor to help them out after hours.  They need to really get that you want that phone call, because you need to conquer the very human desire not to bother or inconvenience other people.

We really recommend making up a business card that has all of the key information a user needs – the contact information for support, company fax number and main phone number, remote dial in for voice mail, common URLs for external access to email and other services, pretty much anything they need to know on the road.  I’m sure you have it all committed to memory, but if you’re an employee that doesn’t travel every day you probably don’t.  Little steps like this can dramatically affect the general user population’s opinion about IT.

Security Begins at Home

You want to make sure that each user gets how seriously your organization takes security.   People often don’t treat their user account with the same respect they’d treat a physical key or card.  Most users wouldn’t give a stranger the keys to their office or building but would give their password out over the phone to someone who claimed they need it.

People worry a lot about security threats from the Internet, but most break-ins – overwhelmingly – happen from inside.  Most of these are done either through social engineering (where the intruder convinces someone to give them access) or by a disgruntled employee.

To address these common threats, you need to address the key social aspects of security.  In addition to normal sensible security practices,  we recommend establishing a few policies:

1. IT Personnel NEVER ask for passwords: Make it clear to your IT Support organization and every user that no one in IT will ever ask them for their user ID or password.  Therefore, if anyone calls you asking for that information you know one thing – they aren’t authorized to it.  If they give their password to IT, or IT hears that they gave it to someone else, their password will be reset.
2. No one will use their account but them: If IT needs to do something logged in as you, they’ll do it in your presence – after all, you are still accountable for what happens with your account.

The second one may cause some heartburn with your desktop support staff- they’re probably used to solving a range of user problems by accessing the computer as the user, and anything that’ll get in the way of that is a problem.  While it may cause some inconvenience – you aren’t going to be able to do work that requires logging in as the user if they aren’t around – the message this sends to your users about how serious you are about security is essential.  You need to be cleaner about the rules than they are.

What about Non-Employees?

What should you do with contractors or others that need access to your network, even temporarily?  If they are getting a user account, they should go through the same procedure.  You have the same goals:  You want them to be effective and not compromise your environment.

Finally, Ditch the Input Devices

Most computers come with mice and keyboards that are dirt cheap.  If this is what you’re using and you’re recycling a computer, please – get a new mouse and keyboard.  Most computer companies do the same thing when they process returns.  The fact is that keyboards get filthy quickly, and while I may not mind the crumbs from my pop tarts, it certainly isn’t going to create the right impression if I get one that’s full of someone else’s.  You should be able to score new ones for your HP, Dell, or whatever for not more than $40 and really – with what employees cost in salary and other expenses, don’t you want them to know you care?

Have a story about how you support your new users?  Share it in the comments below or drop us a line to tell us about it.