Thursday, January 27, 2005

InfoWorld: Toward an instant messaging policy

Image hosted by Photobucket.com
======================================================================== THE ADVICE LINE: BOB LEWIS http://www.infoworld.com ======================================================================== Wednesday, February 2, 2005 IN THIS ISSUE * Toward an instant messaging policy * How to talk to the board -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- ADVERTISEMENT ATTEND FREE STORAGE SESSION COMING TO A CITY NEAR YOU Now, businesses are required by law to manage data at more than a backup and restore level. Is your business prepared to meet Government regulations for data retention? Attend the FREE SAN Educational Program and learn how to do this easily, cost-effectively, and with scalable results. REGISTER TODAY http://newsletter.infoworld.com/t?ctl=B38EEE:353CA35 -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- ======================================================================== TOWARD AN INSTANT MESSAGING POLICY Dear Bob ... Your advice on the importance of creating a good IM strategy is sound. As a private company of about 50 people, we probably face very different issues to those faced by large multi-national corporations. Any suggestions or pointers on what an IM strategy should entail? - Got the message instantly Dear Got it ... I'm far from an expert on the details. Symantec has a pretty good paper on the subject: http://newsletter.infoworld.com/t?ctl=B38EF9:353CA35 My personal opinion: The single most important issue is making sure desktop-level antivirus is installed. IM includes file transfer. You can disable it, but why bother - employees can get files as attachments to e-mail anyway; IM file transfers are probably more efficient. The second issue is the extent to which external parties can participate. This is thorny. If you're wide open it creates security holes beyond employees chatting with the wrong people, since IM clients, like any other software, aren't perfectly hardened. If, on the other hand, you restrict IM to intracompany communication you're missing an opportunity to improve collaboration with business partners. My semi-literate suggestion is to make sure you have an appropriate approach to extranets, and to restrict IM use to internal use and use with business partners through extranet connections. Another difficult question is whether to disable the logging feature. Logging is handy in that employees can review the information later; it's also a bit dangerous because it creates another opening for discovery processes should someone take legal action against your business. A last item ... and it's critical: Employee education. Not on how to use the software - it's ridiculously easy to use. But on how to hit the off switch. Just as it's important for employees to know how to forward their telephones to voice mail so they can focus on getting actual work done, it's important to remind them that having the channel and having it open all the time are two different questions. This isn't a comprehensive list, of course, but it should at least provide a start. - ... http://newsletter.infoworld.com/t?ctl=B38EE1:353CA35 ======================================================================== HOW TO TALK TO THE BOARD Dear Bob ... Our CIO has to report to the board. He has asked us to put together some information that gives them a snapshot without boring them to tears. The main points should emphasize the impact to customers and end users. We are working on categorizing the projects under some main points with a short description that relates how the project/task supports the main point. We are also putting together some statistics since this has not been done in a long time: number of users, PCs, Servers, printers, amount of disk space, VPN connections, phone systems, telephones, applications, etc. We've categorized our expenditures into: * Compliance * New Functionality * Improved Employee Experience * Infrastructure enhancements There was quite a bit of this last, which consumed a considerable amount of time and money. To give you a few examples, we replaced a lot of old PCs, upgraded our WAN and LAN infrastructure, migrated to Active Directory, and upgraded Exchange. Many of these changes were fairly transparent to the end-users because we did a good job of minimizing disruptions. They also do not have the appearance of end-user or customer benefits because they were back-end changes. I was wondering if you knew of some website(s) that may have some business benefit translations already done. - Need some phrases Dear Phrase-seeker ... Sorry - I don't know of anything along those lines. It sounds like you're on the right track so far. A few thoughts that might help: * Compliance and new capabilities - these are where I'd recommend directing as much of the board's attention as possible. Compliance is obvious - fail and you're out of business, or at least have large penalties in store. New capabilities drive either revenue enhancement, cost reduction, or risk mitigation - subjects boards have an easy time with. Add enough description to the big ones that the board gets a picture of what's changing and how ("With the new software we can close business in half the time, meaning less time for buyer's remorse.") * Active Directory - present this in the context of identity management, not in terms of back-end infrastructure. That lets you cast it in the context of improving both security and end-user effectiveness. The impact on security is obvious; the impact on end-user effectiveness is better administration, meaning employees have proper access and privileges promptly and accurately. * Improve employee experience - I don't know about your board; most would have a problem with this as a business rationale. I'd go heavier on the "improve employee effectiveness" angle and use the improved employee experience as a fringe benefit. * Back-end improvements - lump these together under the category of "technical infrastructure management" or some such label that sounds daunting enough to ... http://newsletter.infoworld.com/t?ctl=B38EE3:353CA35 Bob Lewis is president of IT Catalysts, Inc., http://newsletter.infoworld.com/t?ctl=B38EF0:353CA35 , an independent consultancy specializing in IT effectiveness and strategic alignment. Contact him at rdlewis@issurvivor.com . -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- ADVERTISEMENT Have you ever wished you could give every manager in your IT organization a practical toolkit of leadership techniques, the way you can for database administrators or developers? You can. That's exactly what I've engineered my IT leadership seminar to accomplish. If you're interested, visit http://newsletter.infoworld.com/t?ctl=B38EE7:353CA35 - Bob Lewis -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- ====================================================================== INFOWORLD SMB NEWSLETTER Sign up today for the latest news, reviews, and product information essential to the smooth running of your SMB's IT operations. http://newsletter.infoworld.com/t?ctl=B38EE5:353CA35 ====================================================================== ADVERTISE To advertise, contact Elisabeth_raphel@infoworld.com. ====================================================================== UNSUBSCRIBE/MANAGE NEWSLETTERS To subscribe, unsubscribe or change your e-mail address for any of InfoWorld's e-mail newsletters, go to: http://newsletter.infoworld.com/t?ctl=B38EDF:353CA35 To subscribe to InfoWorld.com, or InfoWorld Print, or both, or to renew or correct a problem with any InfoWorld subscription, go to http://newsletter.infoworld.com/t?ctl=B38EEC:353CA35 To view InfoWorld's privacy policy, visit: http://newsletter.infoworld.com/t?ctl=B38EEA:353CA35 Copyright (C) 2005 InfoWorld Media Group. 501 Second St., San Francisco, CA 94107 This message was sent to: GDEWILDE@GMAIL.COM