Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Where does security fit in bi-modal IT departments?

Mary K. Pratt | Sept. 17, 2015
There seems to be disagreement as to whether security workers should be in the innovation camp or look after the day-to-day operations.

When restructuring an IT department, the recent trend has been to look at possibly breaking it into two factions. One group that handles the daily tasks by putting out fires, and one that looks ahead in trying to create a new landscape that is immune to those fires.

The bi-modal idea has its benefits and its pitfalls but the determination seems to come down to the size of the enterprise. In the mid to smaller companies, there is not the luxury of splitting the security group out into subgroups. In the bigger companies the question becomes where do the security folks belong.

For Dale Denham, CIO of promotional products industry company Geiger, he believes security should sit in operations. An innovation team is focused on functionality, but an operations team would focus on making sure everything is secure, he said.

The Lewiston, Maine, company has a 25-member IT department that supports 750 workers (400 of whom are independent contractors). While acknowledging that mixing operations and innovation within a single team has its own set of challenges, he says he believes a bimodal IT department could easily develop a “throw it over the wall mentality” – that is, once the innovation team is done, it just tosses the completed project to operations without adequate transition and concern moving forward.

“There is the challenge of when you pass that over. You have to transfer a lot of knowledge, and that’s hugely inefficient and then if you want to upgrade that project, where does that update [get tasked]?” he says, noting his shop is “a big continuous improvement shop. We’re constantly making tweaks: Is that operational or innovation? If you were set up in two shops, who gets that?”

Denham says on his team nearly everybody does both operations and innovation. He says a handful of help desk folks and networking staff are straight operations, although they do help support innovation by, for example, spinning up a server when needed.

But overall, he explains, “when we launch new projects and new tools, the same people who support old tools are creating the plans and executing the plans for the new tools and then support them when they move to operations.”

Denham says the main challenge in this setup is keeping projects on track. “Your project planning is put at risk because you never know what the operational needs will come up,” he says, noting that a large firm might not be as comfortable with that risk as a small firm such as his. He says when he anticipates that his team members might be pulled away from projects, he builds that into a project’s timeline but it’s impossible to know how much time to build in.

 

1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.