Vol. 19, #15 - April 14, 2014 - Issue #975
Reader Feedback: Does the IT Profession Need to be Regulated?
- Editor's Corner
- Reader Feedback: Does the IT Profession Need to be Regulated?
- Tip of the Week: Which Folder is that Email Message In?
- Recommended for Learning
- Microsoft Virtual Academy
- Quote of the Week
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- Events Calendar
- Asia Pacific
- Webcast Calendar
- MSExchange.org Webinar: Information Governance - What IT Pros Need to Know
- Register for Webcasts
- Tech Briefing
- Cloud Computing
- Enterprise IT
- SharePoint, Exchange, and Office
- System Center
- Windows Server News
- Big data forces cloud, database admins to evolve
- Managing the user persona to ensure VDI uptime
- Do the benefits of hybrid cloud computing live up to the hype?
- Put cloud disaster recovery within reach with nested virtualization
- WServerNews FAVE Links
- Color Changing Card Trick
- Is The U.S. Stock Market Rigged?
- Flying Trapeze With The Greatest Of Ease
- 9-year Old Blues Singer
- WServerNews - Product of the Week
- Data Deduplication in Windows Server 2012 R2 in Depth
- SAVE THIS NEWSLETTER so you can refer back to it later for helpful tips, tools and resources!
- FORWARD THIS NEWSLETTER to a colleague who you think might find it useful!
- SEND YOUR FEEDBACK to [email protected] if you have any comments or suggestions!
This week's newsletter focuses on all the feedback we've received from our readers concerning our recent newsletter Does the IT Profession need to be Regulated? (Issue #973). In that issue we touched on the subject of whether or not the IT profession needs to be regulated along the lines of how engineering as a profession is regulated.
From the volume of feedback we received, we obviously touched on a touchy subject :-)
But then we're not afraid of broaching touchy subjects in this newsletter, and neither it seems is Dilbert as the following comic strip illustrates:
Great way to approach a touchy subject, eh?
Reader Feedback: Does the IT Profession Need to be Regulated?
Because of the volume of terrific comments we received concerning Does the IT Profession need to be Regulated? (Issue #973) we decided to give over this issue of WServerNews to listening to what some of our readers have to say on this subject. While the majority of the responses we received are solidly against such a proposal, we did receive a few that can see the other side of the coin to some degree so let's consider some of these to begin with.
A reader named Paul who is a professional engineer (i.e. is a P.Eng.) responded at length by quoting the two sides of my imaginary For/Against conversation and then adding his own commentary:
Against: Buildings can collapse and bridges fall down even if they've been designed and built by professional engineers.
- Planes crash too… does that mean we eliminate the need for pilot certification?
- Actually, buildings do NOT fall down, unless they are blown up. And the last major bridge that fell down was in the 1940's resulting in the establishment of the Association of Professional Engineers. The scrutiny on engineering projects is so great, that accidents now are very rare, and when they do happen, criminal charges are made to those responsible.
- I do not see that level of scrutiny on IT projects, and based on this comparison, should we apply criminal prosecution to those responsible for IT projects that fail.
For: But the training, discipline and mindset of the engineering profession means this kind of thing rarely happens. Passing a few IT certs doesn't give you this kind of mindset or discipline, so it's no wonder many large IT projects fail.
- I agree, but this requirement is overkill. Even engineering projects will only have a Chief Engineer who is responsible; leaving the bulk of the work to many others who may not have the same level of education or certifications.
- An Engineer applies a process that inherently mitigates risks by applying checks and balances, assesses and audits to the process, and then tests/tests/tests the solution to ensure it works as planned BEFORE it is rolled out. If this was done with the initial release of Obamacare Website, the program would have launched well; but because it wasn't the entire billion dollar program is now at risk. Shortcutting the process does NOT save money; it costs.
- What is key for engineering-based projects is that there is a chain of command leading up to someone who is singularly responsible and accountable. This person is a professional, and his future livelihood is based on a clean and successful track-record. He/She personally cannot afford failure attributed to negligence, and therefore, take the care to ensure the job is done right.
Against: But IT projects often fail for reasons beyond the control of the IT pros who design and implement them. Factors such as underbidding and changing business requirements can sink even a well-designed project.
- This would still be resolved if there a chain of command leading up to someone who is singularly responsible and accountable; who is licensed and competent to assess the project and manage the risks; and who's licensure would be removed and professional status would be harmed if he/she failed in their duty.
- Projects do change outside anyone's control… change happens… a professional knows how to manage the change and mitigate ensuing risks.
- Underbidding would be called out if a professional was at the helm, who's first allegiance was to their professional body, and would be professionally held responsible (even criminally) if a doomed project was allowed to continue. Similarly, a pilot is still singularly responsible even if the airline overweighs the plane; the waiter is still responsible if the kitchen makes a bad soup. Who is responsible and accountable if a corporation misuses the equity of many shareholders on IT initiatives poorly executed, for whatever the excuse.
For: But professional training and licensing would enable IT pros to anticipate such difficulties so they can factor them into the project.
- Agreed, but could be overkill. First one needs to differentiate if the IT project warrants oversight and certain levels of competency (as reflected by education, certifications, and experience). What is key is to differentiate IT projects that impact the public or shareholder interests, versus projects that are buried within the domain of a department or private enterprise. If the project impacts the public or shareholder interests, then by all means, failure of the project should result in serious penalties. Mitigation of this risk needs to include independent audits and peer reviews. SOx already addresses the need for Segregation of Duties to ensure that those building the solutions should NOT be the ones to check/test/audit them.
- If the IT project touches the public in areas of security, privacy, freedoms of enterprise, health, or welfare, or if the project impacts shareholder interests (capital projects on the books), then these projects warrant the oversight and competency levels.
Against: Aww, licensing the IT profession is just another cash grab from the entitled class to add more layers of bureaucracy making it harder for ordinary working people to make a living…
- Someone once said that bureaucracy is there to protect the organization from the individual.
- Nursing, Engineering, Commercial Pilots, Lawyers, and Accountants all invest $100,000's on education to develop competency; to earn the right to practice their professions. These professionals each pay about $150/year to sustain their membership in their respective professional bodies. These professionals are responsible, accountable, and have put themselves on the line for their professions. They have paid their dues to practice their professions.
- And I am supposed to give a job to someone who has put up nothing, has unproven knowledge, insufficient education, and little in certifications; takes no responsibility and no accountability, and has nothing to lose if they screw things up, just so they are entitled to "make a living" in a project that could put the public and shareholders at significant risk?
For: Tell that to the public the next time you so-called IT pros waste another hard-earned ten million dollars of taxpayers' money…
- It's not just tax-payer's money. Many people invest their retirement savings in corporations that spend on IT projects that are doomed from the beginning. Responsibility goes beyond the obvious public interest, and public financial accountability (tax dollars)… but to every place the public interacts with corporations that are supposed to serve them, in trust.
And so the arguments on both sides continue...
Next, a reader named John who has been teaching applied IT at the university level for a decade and a half says:
The salient fact I have observed is that IT, at all levels, has become much more complex over this time. When I compare NT SERVER 4.0 to SERVER 2012 R2, a simple wired bus network using hubs to a switched fabric network operating in virtualized mode, SQL SERVER 2005 to the 2014 variant, HTML programming then and now, or security then and now, the pattern is the same -- there is so much more to know, and it all changes so rapidly -- and I have not even gotten into the ramifications of wireless access to portable computer/communication devices -- it just goes on and on.
At the same time, and over the same span, IT has moved from something that is generally 'nice to have' [though it was essential even back then for some arenas] to something which most people [including those in the 'developing' world] consider as essential as electricity or water.
Combine those two things together, and the parallel between IT and medicine does not become all that far-fetched -- in each case the body of knowledge to be mastered is vast and always changing, the consequences of error can be significant, and the 'consumer' of these services has no direct way to evaluate practitioner expertise [although of course, after-the-fact rating systems have become quite useful in the medical profession].
Looked at this way, not only is it high time for the IT procession to gain a 'license' type of certification, exactly analogous to medicine or law, but it is also time to accept this fact, and for professionals in this field to work out how it can be implemented and supported by education [a task considerably harder than it looks].
One of the causes of IT project disasters is incompetent management, made so because in most cases, IT professionals do not have the standing or clout to push back -- imagine what would happen if uncomprehending incompetence was brought to bear on doctors or lawyers -- the fur would be flying frantically in no time flat. Why? Because, given their professional status, it is hard to bully doctors or lawyers [it can be done] -- yet managers find it trivially easy to bully IT professionals, with all the problems which result. So ultimately, gaining the sort of professional licensed status that doctors and lawyers have is something all IT professionals should aspirationally value. And just as we have paramedics and legal secretaries, there will be a hierarchy of tasks people can do based on their demonstrated levels of skill and knowledge. I do think this is going to be demanded of us, and sooner rather than later.
Interesting point that requiring the IT profession to be licensed might benefit us IT pros by giving us more clout to push back when management tries to bully us. On the other hand, another reader named Daniel says "Be careful what you wish for" and elaborates with the following points which I've excerpted from his email:
My comment arises from...the law of liability applicable if one becomes a "Professional" in the legal sense... Simply put, "regulation" is another label for an aspect of the IT Professional Liability (Malpractice) case... One of the consequences of becoming one is clearer applicability of conduct codes [which] include liability relevant duties, including an at least implied "duty of inquiry" that may not be all that applicable in the "ordinary negligence" case otherwise applicable (in the absence of express contractual undertakings which tend to convert the theory of liability to contract not general negligence (tort) liability). There are many consequences...to be analyzed. For example, I am no longer informed on insurance practices in the IT industry, but its considerable cost to doctors, lawyers and other recognized professionals is clearly material to any analysis for IT Professionals.
Hmm great point. If IT pros need a license to practice then they would not only have to pay professional dues but probably also pay more for insurance to protect them against lawsuits when things go wrong.
Another reader named Bryan who has worked at a major Computer Science and Engineering university for over 20 years said:
I've often wondered why true engineering discipline in the IT industry remains so elusive. Here are a few of my insights:
1) Software is intangible and we humans have a difficult time applying value to intangibles. Code is rarely valued for its elegance and maintainability, only its output. If the output is looks good, then the software must be good. "We" tend not to care that it has lurking bugs like 16 bit pointers, too few bits allocated to storing the date, or dependence upon a 3rd party product from a company that no longer supports it.
2) Anyone can code. We teach our kids to program in grade school. We teach employees to write formulas for Excel. Anyone can pick up a book and learn to code, it's easy right? Good programming is undervalued, it takes time and discipline and experience. It also requires that those paying for it value good code -- see #1.
3) Lastly but most importantly, IT changes too rapidly. A bridge designed and engineered a decade ago could be built today with the exact same materials and construction methods and it would still strong and viable. Steel and concrete don't change that often. New materials must undergo rigorous analysis before receiving the necessary approval for use in public projects. It takes years. There are critical industrial control systems being built today using Programmable Logic Arrays (PLA) designed in the 1980's because they are still one of the few technologies to have Federal approval for use in some critical applications. Even the medical industry which is driven to save lives, must advance at a glacial pace due to the rigors of clinical trials and government approval processes. How then can we expect IT systems to be robustly engineered when the very building blocks of the system evolve daily?
Several readers like the one above have brought up the issue of how quickly IT technologies change as a blocker to establishing a professional licensing process. This next reader named Doug is one who echoes this sentiment and brings up another issue:
I've heard discussions regarding government regulation of the IT profession going all the way back to FoxPro user meetings I attended in the 1980's. Back then fresh out of school I believed the government was a force for good but we still concluded such regulation would cause more negative unintended consequences than beneficial ones. It was a good exercise in thinking through the pros and cons of regulation in a field we're intimately involved with. Now I believe that 90% of government regulation are unnecessary and mostly about protecting vested interests and pandering by politicians to voters. In the investment field there is a huge cost for compliance that in the end simply lowers the rate of return to investors while Madoff breaks the record for fraud right under the nose of the SEC.
The usual winning argument against IT professional regulation is that IT evolves too rapidly for slow government bureaucracies to stay up with.
I'm not sure whether its government that's become less functional or myself who's become more rigid as time wears on in my life. I once read something that people tend to drift from being liberal to conservative to libertarian as they age. Whether there's truth in that or not I really don't know, but I do know a lot of our readers seem to have a negative view of the impact of government bureaucracy on large IT projects as this feedback from a reader named Darryl indicates:
It's not a license that makes a particular job type a profession. The licensing and certification and all those things do not stop the failures we see in IT organizations either. Look at other professions that have licenses. They all make mistakes.
The reason most government programs fail is because they have some of the most inefficient processes in place of anyone. From the way they do bids to how they do it mean that most will fail. Because they treat the projects like social experiments they have all of the weird social rules that have nothing to do with a successful project. The other issue is that they typically hire some of the lowest experienced staff on the planet or are people that have tenure that just don't care anymore because they can't be fired. Licenses won't fix this either as all you have to do is look at all the paperwork mcse's out there. I worked with a major city on the west coast and this is exactly how they are. They have had millions of dollars spent on failed systems because the contractors know it's a quick buck. Until all this is fixed the tax payers will keep pouring out money to the most inefficient organizations in the world and licenses will do nothing to fix it.
Some of our readers think that industry certification programs may be enough--at least if these programs are implemented properly. Readers Jeffrey and Mary Jane responded with:
We think that there is sufficient self-regulation in the IT certification industry. Microsoft was on the right track with its Masters certifications, which were targeted as design certifications analogous to, but not directly comparable to, a PE. Ironically, the way they were designed made them unsustainable.
The security certifications (CISSP, for example) are sufficiently rigorous that they represent a high level of trust, and they have continuing education requirements to maintain the certifications. In the United States, the Department of Defense requires security professions to hold CISSP or advanced CISSP certifications or equivalents for the most senior security jobs.
There are equivalent security certifications for project managers, and technical managers have the Project Management Professional certification (with its own continuing education requirements) that more and more IT companies and government agencies require it for their IT program managers.
We'll end with a couple more short samples of feedback from our readers with apologies to the many others we were unable to include:
Perhaps it should be. I'm a tech who is in very high demand because I achieve results. What I hear very often is "The last guy never did that." Come on, clearing cookies in Internet Explorer is a very basic thing to know. What I am seeing is very poor work on small and even some large networks that I am able to improve almost immediately. I hate to say it but I think 80% of all so-called IT techs out there install a game once and had cards printed. --Russell
I'm not a big fan of more regulation, but I've always been willing to have some sort of regulation in the IT industry. I've got a BS degree in Computer Science and the fact that some guy working out of his garage can come along and tell businesses he knows IT diminishes my education and also cheats out clients of good IT work. --Frank
Regulated? Hmmm…? I don't think we need that. Just let the HR dept's, and todays IT managers make to bad hires. It's just fun watching people fall flat on their faces. Then the Good Techs or Engineers clean up the mess. Thanks for reading and just think good Techs and Engineers fix problems the bad ones go to the geek squad to fix it. --Alan
Is there a benefit from Information Technology and Information Security associations that help their respective professional members obtain guidance, learn best practices, and perfect their trade? Certainly. But to try and establish even a national council to regulate a ridiculously fast moving industry will accomplish two primary things: further reduce the meritocracy that Information Technology has long fostered but which has been in decline for some time now [and] slow down the pace of innovation and change to the that of the lowest common denominator... Let's fix what's broken before we go on to fix what is not. --Andrew
I'm not sure you're asking the right questions. In my experience IT projects that fail do so because they lack a good project manager. I am guessing what we are really talking about here is failed applications. I have seen many fail because an IT Pro, meaning a programmer, was asked to be a project manager. While he or she may have been a qualified programmer, they were not a certified project manager and lacked the skills necessary for that job. I have noticed that people solve problems with the tools they know how to use and many times I've seen a programmer solve a problem with pages of code that a DBA could solve in one or two lines and vice versa. A good project manager has enough knowledge of many disciplines to know what tools to use and also the people skills to get people to work together. I would compare this to why you shouldn't hire a carpenter to build an entire house, you really need a general contractor for that job. This is a great topic, glad you brought it up. --George
I think you need to do more research on this. You should stick to server issues. Sounds like you are writing a new chapter for your next book. --Jeff
Thanks for all the comments including that final snarky one ;-)
Send us feedback
Got more to say on this matter? Let us know at [email protected]
I use Microsoft Outlook for email and have several accounts including corporate and personal ones. Because of the volume of mail I receive concerning my various business activities, I organize my messages into hierarchies of folders and subfolders, for example according to project and project stage. I know Search Folders, which were first introduced in Outlook 2007, is supposed to eliminate the need for such folder hierarchies, but my active mailboxes together with my archive PST files total about 20 gigabytes and I've never felt comfortable with keeping all my messages in one folder and using Outlook Search to find a particular message when I need it because I typical get a ton of results in response to queries.
Anyways, let's say I've searched for and found a particular message relating to a certain project. What if I now want to find all messages relating to that project? Well, they would likely be in the folder where that particular message resides, but how do I determine the folder that contains the message returned by my query? By configuring the current view as follows:
1. Select the View tab and click View Settings in the Current View group (I'm using Outlook 2010 here):
2. In the Advanced View Settings dialog which opens, click Columns:
3. In the Show Columns dialog which opens, click the Select Available Columns From list control and select All Mail Fields:
4. In the Available Columns list, select In Folder and then click Add to add it to the list of columns displayed:
5. Click OK twice, return to the View tab, click Change View and select Apply Current View To Other Mail Folders:
That's it. Now whenever I've got a bunch of results from performing a query using Outlook Search, and I want to know which folder each of the messages in my results resides in, I can turn the Reading Pane off for a moment like this:
and I'll be able to quickly see which folder each message is in.
GOT TIPS you'd like to share with other readers? Email us at [email protected]
Want to test drive different Microsoft platforms and technologies for free? Check out the wide range of guided hands-on labs available at TechNet Virtual Labs:
Microsoft Virtual Academy
Some announcements from the Microsoft Virtual Academy:
Two new Windows Server 2012 R2 Courses now on-demand from MVA
Learn about the end-to-end process for implementing desktop virtualization using Windows Server 2012 R2 and Windows 8.1 with a new course from Microsoft Virtual Academy (MVA): What's New in VDI for Windows Server 2012 R2 and Windows 8.1:
Learn about the new virtualization capabilities and innovations in Windows Server 2012 R2 with a new MVA course covering scalability, performance, security, and multitenancy: Windows Server 2012 R2 Virtualization:
What's New in Windows 8.1 Security: On-demand MVA course
Discover the advances in security for Windows 8.1 across the three core investment areas of modern access control, malware presence, and information protection. In this new on-demand course from Microsoft Virtual Academy (MVA), the Windows Engineering Leads dive into key topics such as authentication, multifactor access control, tamper resistance hardware through UEFI, TPM, pervasive encryption, and protecting corporate data. Watch this course here:
Quote of the Week
"Bureaucracy is there to protect the organization from the individual." --an old saying that was pointed out to us by one of our readers
Until next week,
Note to subscribers: If for some reason you don’t receive your weekly issue of this newsletter, please notify us at [email protected] and we’ll try to troubleshoot things from our end.
Admin Tools We Think You Shouldn't Be Without
Veeam Backup Free Edition is the must-have tool for VMware and Hyper-V. Use Veeam Backup Free Edition for as long as you like. Download now.
Protect your Virtual Data Center. Join us for an upcoming webcast and learn about top 10 things you need to know to protect your customer's data. Register today.
Cayosoft's Admin Assistant for Office 365 makes office 365 seem like it is running on a server right in your office. Requires no complex and awkward components or scripting.
Server performance problems? Find out why with FactFinder Express. See whether the issue is a slow app, slow SQL requests, or a CPU/Memory/Disk bottleneck. 30 day free trial.
PFDAVAdmin lets you perform tasks on public folders and mailboxes for Exchange 2003 or 2007:
TechEd North America on May 12-15, 2014 in Houston, Texas
Microsoft Worldwide Partner Conference (WPC 2014) in July, 2014 in Washington, D.C.
Microsoft SQL Server PASS Summit 2014 on November 4-7, 2014 in Seattle, Washington
European SharePoint Conference on May 5-8, 2014 in Barcelona, Spain
TechEd Europe on October 27-31, 2014 in Barcelona, Spain
TechEd New Zealand on September 9-12, 2014 in Auckland, New Zealand
Add your event
PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 95,000 subscribers about? Contact [email protected]
MSExchange.org Webinar: Information Governance - What IT Pros Need to Know
Join e-Discovery and Computer Forensics expert Karen Schuler and Sherpa Solutions Architect, Rick Wilson to learn about the key factors a good information governance strategy should include, why such programs are critical to the success of your business, and gain a better understanding of the key role that IT professionals must play in corporate-wide governance initiatives and managing eDiscovery efforts. This live, interactive event will take place on Wednesday, April 16th at 2PM EDT.
Don’t miss this informative event with two industry experts. Sign up today:
Register for Webcasts
Add your Webcast
PLANNING A WEBCAST you'd like to tell our subscribers about? Contact [email protected]
Amazon Launches New Reporting Tools For EC2 (TechCrunch)
Success with Hybrid Cloud: How Retailers Benefit (In the Cloud)
For classroom machines - The JUST, SHUT UP group policy! (Deployment Research)
Windows Enterprise without Software Assurance and other news (4sysops)
SharePoint, Exchange and Office
Product Review: Exclaimer Email Alias Manager (MSExchange.org)
Demo Scripts for Using Remote Windows PowerShell to Manage Office 365 (Microsoft Download Center)
Monitoring Exchange 2013 with SCOM 2012 (Part 1) (MSExchange.org)
Top Solutions: System Center (Microsoft Press Blog)
Big data forces cloud, database admins to evolve
With big data trends growing, the line between cloud and database admins is starting to blur. Find out more by learning about three key options for large-scale data warehouses in the cloud, and how these options can have a direct impact on the roles and responsibilities of cloud admins.
Managing the user persona to ensure VDI uptime
When it comes to migrating to virtual desktops, it can be challenging to ensure uptime while protecting data and productivity. Fortunately, managing user personality in your VDI deployments can eliminate this pain point. Hear about one CEO's VDI journey and how he prevented these issues from hindering his virtual desktop initiative.
Do the benefits of hybrid cloud computing live up to the hype?
Hybrid cloud computing might be a growing trend, but is it here to stay? And, more importantly, is it right for your unique computing needs? Before you consider migrating to a hybrid cloud environment, there are many considerations to take into account. Use this exclusive expert checklist to decide if the hybrid cloud is, in fact, the right choice for your company.
Put cloud disaster recovery within reach with nested virtualization
Leveraging the cloud for disaster recovery allows you to only pay for what you need, but it might not be as simple as you think. Learn about 5 important steps you must take to enable cloud DR in your organization and how to expertly piece them together with nested virtualization.
This Week's Links We Like. Tips, Hints And Fun Stuff
GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at [email protected]
Color Changing Card Trick
Pay close attention.
Is The U.S. Stock Market Rigged?
Using a super-fast network, high-speed traders put in their order a few miliseconds ahead of you and raise your price for their advantage.
Flying Trapeze With The Greatest Of Ease
The Flying Shanghai Circus Acrobats with their amazing performing at the International Circus Festival of Monte-Carlo.
9-year Old Blues Singer
9-Year-Old Emi Sunshine Performs On The Today Show