IT pros should not have to support users who lack basic IT skills. A bold statement, I know. But when network users display a complete absence of IT soft skills and common sense, even as security breaches become almost commonplace, they leave us with no choice.
Now, before you object, let me explain. When I say soft skills, I'm not talking about Java, C++, Python or any other programming language. Soft skills in this instance equate to basic PC skills and security awareness, not IT-level knowledge.
When hackers can successfully exploit a company's defenses by using widely publicized techniques such as email attachments, web links and social engineering, there is clearly a problem. But who is at fault? The user or the IT team? Does it even matter?
Let's discuss a few common issues while I demonstrate why sysadmins need to take a stand against computer-illiterate users who require more than their fair share of IT support. The following observations are sure to cause controversy, but quite frankly, enough is enough; and I'm sure many IT pros feel the same way.
Network users are not all created equal. They range from the highly skilled to those approaching a vegetative state, where "turn it off and on again" is not just an option but a complete way of life. Unfortunately, IT is left to assume all the responsibility for repairing the damage when users make mistakes. But, according to Fortune, in many cases, not the blame.
"IT teams can help eliminate human error by accepting responsibility themselves when things go bad and looking for a solution, rather than putting the blame on the users," observes Abdul Jaludi, CEO at TAG-MC, a Milford, Pennsylvania-based provider of business technology optimization solutions.
In most cases, IT pros realize that it's their responsibility to solve the problem and are generally firm advocates of work-based training in basic PC skills and security awareness. IT teams should certainly support users and train them. However, if users make the same rudimentary errors over and over again, should that still be the case? The IT role has expanded considerably and user support is now only a small percentage of sysadmins' duties. If user support dominates, essential business functions could be neglected or ignored completely.
"If the IT pro's role is expanding, they need to implement tools, controls and processes so that each employee, from the CEO to the newly hired data-entry clerk, is able to perform their core function without having to ask which email they shouldn't open or which website to avoid," says Jaludi. "Sometimes training is not the answer. When employees are trained to perform certain IT tasks and problems persist, then it is IT's responsibility to find an alternate solution."
"The [ideal] solution should be a combination of tools, automation and training," Jaludi adds.
In a perfect world, all company employees, from executives to entry-level staff, would follow IT security guidelines. But how many IT pros are prepared to point out the failings of senior executives? Some C-level execs are the same self-proclaimed "big-picture thinkers" who still regard IT as solely a support function, rather than an essential core business asset. CEOs and other senior executives should lead by example and attend training sessions themselves, thereby promoting a culture of security awareness throughout the company. That is the big picture needed to ensure modern business continuity.
All users, regardless of salary or activity, need to make sure that their carelessness does not disrupt company activities. When a security breach occurs — and it will — then at least it won't be because Gavin from HR used his work email to claim his foreign lottery winnings or accept his inheritance from a distant, unknown relative.
In many cases, training can be helpful. But when initial training fails for some users, and they still require excessive levels of support, what then?
Don't give up yet. Use glove puppets to drive the point home to stubborn users. Perhaps create a list of questions that they should mentally ask themselves before clicking on links or email attachments. These could include but are not limited to:
IT pros are unlikely to fall victim to common scams and are quick to identify suspect communications, phishing and ransomware. If in doubt, we can check the properties of email message headers or identify the common attachment sizes for installers or keyloggers. The details of such interventions are usually beyond users, even those with basic soft skills.
The next time you have a "Why me?" moment when a user who lacks basic IT soft skills is unwittingly creating more than his or her fair share of support incidents, or just being a bit of a tool, as we say in Ireland, consider your options. In this writer's opinion, there are several:
In most situations, option one is the default. For repeat offenders, combine options one and three. Unfortunately, option two is never a viable choice for IT pros, but when you enlist HR and department heads to address user incompetence, it usually leads to option three.
Basic PC literacy and common sense are expected in a modern office environment. There is no real excuse for ongoing human errors from the same users. But, short of assigning a sysadmin to each staff member and having them stand behind their designated user to monitor their activity, how can we prevent basic errors?
The simple answer is we can't, but we can cooperatively try to reduce them. We make users' tasks easier and some consideration would be nice, rather than the I-screwed-up-but-fixing-it-is-your-job-so-hop-to-it attitude that many users adopt. Sure, fixing problems is part of our skill set, but dealing with the same BS from the same people on a daily basis is not acceptable, regardless of how funny users think it is to have the geeks scrambling to resolve their incompetence-fueled tickets.
One final note. While users who lack basic PC literacy are the source of endless frustration for IT pros, there's another breed of user that deserves an honorary mention: users who fancy themselves as IT experts. These users should refrain from applying the advanced performance "fixes" they stumbled across on the latest eHow blog post. Performance issues are our domain and are often caused by user activity on YouTube or other streaming video sites. Users, leave the registry and system files well alone. The alternative is, perhaps one day your friendly IT geek squad may snap and bring sweet justice to all involved. In the meantime, can't we all just get along?
An Irishman based in Hong Kong, Michael O’Dwyer is a business & technology journalist, independent consultant and writer who specializes in writing for enterprise, small business and IT audiences. With 20+ years of experience in everything from IT and electronic component-level failure analysis to process improvement and supply chains (and an in-depth knowledge of Klingon,) Michael is a sought-after writer whose quality sources, deep research and quirky sense of humor ensures he’s welcome in high-profile publications such as The Street and Fortune 100 IT portals.
Let our experts teach you how to use Sitefinity's best-in-class features to deliver compelling digital experiences.Learn More
Subscribe to get all the news, info and tutorials you need to build better business apps and sites
You can also ask us not to share your Personal Information to third parties here: Do Not Sell or Share My Info
We see that you have already chosen to receive marketing materials from us. If you wish to change this at any time you may do so by clicking here.
Thank you for your continued interest in Progress. Based on either your previous activity on our websites or our ongoing relationship, we will keep you updated on our products, solutions, services, company news and events. If you decide that you want to be removed from our mailing lists at any time, you can change your contact preferences by clicking here.