Internal versus External

Enable or Protect

In many discussions the view of customer  is often cited as a core driver. Organisations have long made a distinction between an external customer and an internal employee. While there is a strong push to only see one customer in recent times, this push comes from a UX (user experience perspective) and “mobile first” perspective.

In this post I’m looking at Information Management from a security perspective. I strongly believe there are differences for employees and customers. In this case customer includes the B2B (Business to Business) and B2C (Business to Customer) elements.

The Internal View

Enable and Protect

Most organisations have adopted a policy of openness and information sharing. Fileserver security is often implemented as open unless specific needs require folders or files to be secured. The latter is usually bound to confidential or sensitive information like commercial negotiations and agreements, NDA (non-disclosure) data, and personnel files. Other information is shared to achieve better re-use of data, enable master data management, foster staff engagement, and nurture cross functional teams.

The element of trust plays a significant role at what level data is shared.

The element of control plays a second level role which data is classified and who is the gatekeeper.

The balance between those two is for each organisation different and largely influenced by what is commonly called Culture and the Industry the organisation plays in.

A good description is “Enable and Protect if necessary”

The External View.

ProtectAndEnable

Customers want to have easy access to their information with the organisation. Repeat data entries is a turn off. If I can’t see what I’ve done previously is also a big no – no. At the same time my information should be protected from other customers or organisations but not necessarily from other employees of my business. For example a third party is working on a project with the organisation, then this information should be shared between the relevant team members of both businesses.

Consequently such external collaboration is often implemented in closed groups or spaces where membership is controlled. This model requires a much closer attention to detail and review of membership in particular when staff on either side move to a different business or part of the organisation.

Trust and Control play again an important role, although the weight towards control is much larger and often reversed to the Internal implementation.

The description here would be “Protect and Enable where appropriate”.

Advertisements

How a junior staff member can review the work of his senior

Jedi Master and ApprenticeA story

There is a small team of 4 developers. These guys are very different from each other.

John is experienced and worked for more than 15 years with the company in different roles. His mantra is “never change a working approach”. He preservers the status quo.

William has the same level of experience in the company but has developed a love for the latest “best practices”. He is always on the look out how to improve things.

Mary is with the company just for a few years and then fresh from University. Some of the “old stuff” she is dealing with is hurting her sense of “doing it right” albeit she acknowledges it works. Refactoring would make maintenance and support easier but would have no visible benefit for the end user.

Alan joins the team and it is his first job. He likes the solid and calm approach from John, the energy from William who always seem to find a way to make stuff better for the customer, and the quick thinking Mary who knows tech stuff in and out.

The team leader struggles at times to get them working together effectively. 2 pairs emerge initially, William and Mary driving change with John and Alan asking, isn’t it working fine? Both have very valid points and the team leader would love to get more synergy going and not risking confrontation between the pairs.

Several approaches come to his mind and he settles on breaking the pairs up by switching the 2 younger members around. To get the learning going he asks the pairs to review their work. One of the older guys, John, has a problem with that as he feels Mary being “too cocky” about the old and well proven way he does things.

The team leader remembers a story he heard once how an airline handled a similar challenge. He takes John and William for a walk and explains to them the idea. He asks them to purposely insert some mistakes in their code. That way there is no loss of face, even if the younger guys find things that were made accidentally. He also tells the younger guys so they know there is no conflict between reviewing code and not making friends with team mates.

This approach can be refined to address the different ways of coding, create appreciation of a new way of doing things as well as proven methods.

4 principles of Information Management

Variety - Volume - Velocity

Variety – Volume – Velocity

The world of big data arrived some time ago. And while the amount of information on the Net is continuously rising, it happens on our personal and corporate systems, too. One only needs to look at the emergence of products like “Sanebox“, which helps you manage your email inbox, cloud storage and share systems like Dropbox and Box, and the rapidly rising capacity that Amazon provides with S3.

Every one of us has so much information available that it becomes harder to keep track of what’s important and how to find it again 2 weeks later!

Good Information Management starts with recognising that is necessary to do something about it.

People

This leads us straight to the first principle. Employees need to do Information Management and not just acknowledging it is a good thing. Hence we must put things in place that ensure people act and act consistently.

Process

This is supported by well designed processes. For example, a supplier email comes in advising a new pricelist. Who receives the email? Is it documented where the new pricelist is stored? Are relevant people notified? Is the old pricelist replaced or marked as obsolete? What happens if the email recipient has left the company?

Content

Information Management is about content. Recognise the different types of information from Word documents, to emails and phone call, from drafts to published data, or from project management to customer requests. Create categories that are relevant to your business and link those to your processes.

Technology

Okay, I’m in IT so let’s not forget that the tools you use play a role, too. Where do people store information? On the local harddrives, a shared service, the cloud? Consistently in the same folders or directories? A lot of people use their email system for storage and retrieval. Most email systems have quite good search capabilities while finding a much needed document on a shared drive or even your local computer is often a challenge. Choose technology that does what you want and is aligned how your staff works.

 

 

them or I?

list of choicesChanging roles a few months ago and evaluating different opportunities over the past few weeks made me think about the criteria I use to do so.

For example, while working at Tait and previous roles I steadily climbed the corporate ladder, gained clout, responsibilities, and enjoyed the success of projects. Surely this came with the price tag of accountability and personal availability. There is no free lunch. However, my point is, it was my choice. Several times during my career I made a case why it was good for the business to implement a change that was also good for me.

Continue reading

Occam’s Razor

Occam's RazorWell it has been some time and quite honestly I dismissed a number of drafts. Hence I’m happy to have something that I think is worthwhile talking about.

On the weekend I was reading about the definition of Paradigm. I found the following example intriguing. Look at the image below. What do you see?

Paradigm

Continue reading

Good Judgement

Last month I reviewed a few presentation on Slideshare and made a note about Hubspot‘s policy approach. I remembered that during a walk at the beach while thinking about management principles. This is the note:

We don’t have pages of policies, instead we have a 3 word policy on just everything:

judgement

Continue reading

Butterflies in my tummy

ButterfliesI’m looking for a new challenge. My dear wife Susani took it literally and asked me if I’m up for a game. I wasn’t sure where she was going with this but agreed.

Which ways can you go?

was her first question. She put my answers each on a sheet of paper. These were for me:

  • “start own business”,
  • “take a similar job with another organisation”, and
  • “go contracting”

She put the paper on the floor and made me stand on one of my choosing.

Continue reading