Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

DevOps and deviance: How bad IT practices become accepted as normal

Peter Waterhouse, Senior Strategist, CA Technologies | April 25, 2016
What IT can learn about the study of the “normalization of deviance” phenomena.

Although vendor-written, this contributed piece does not promote a product or service and has been edited and approved by Executive Networks Media editors.

How many times have you witnessed a sub-optimal IT practice that everyone else thinks is ok, then over time accepted the behavior as being just fine and dandy?

Regardless of whether you lead a startup or work in an established business, we all have a tendency to accept dodgy behaviors. Even if outsiders see them as wrong, our IT teams are so accustomed to using them (without any adverse consequences) that they’re quickly established as “normal” and accepted.

Studies into what’s commonly referred to as the “normalization of deviance” have been conducted in areas such healthcare to aerospace, with evidence showing that many serious errors and disasters occur because established standards have been bypassed and bad practices “normalized”.

While examining this phenomena is critical in the context of safety, it’s equally applicable in how we develop, secure and operate software applications. With the boundaries blurred between the digital and physical world, any adverse behavior leading to security and reliability issues could have dire consequences for customers. And when software becomes infused into long lasting products (from light bulbs to limousines) it’s not so easy to exit markets.

As businesses look to software innovation for growth, time-to-market and quality become essential differentiators. Unfortunately both can be compromised if pre-existing change aversion or newer “speed at all cost” mandates lead to a normalization of deviance. More critically, if a head-in-the-sand IT culture persists, systemic business failures may eventuate – think massive security breaches or major application outages.

The DevOps movement, with its focus on collaboration across development and other IT functions, is now regarded as the best way of establishing the culture and environment needed to support fast and reliable software deliver.  So maybe the secret to helping IT identify and eliminate poor practices is to take the benefits of DevOps and then guidance from other fields that are fighting normalization of deviance.

In healthcare, for example, studies illustrate seven factors that lead to a normalization of deviance, all of which are IT relevant:

The rules are stupid and inefficient – in healthcare, accidents occur when practitioners disable equipment warning systems because alarms are seen as distracting. This happens in IT all the time, like in operations where staff will filter out noise and alerts they regard as irrelevant. It also surfaces when testing is skipped because of manual processing and set-up delays.

Knowledge is imperfect and uneven – employees might not know a rule exists, or they might be taught a practice not realizing that it’s sub-optimal. In IT this persists because many new employees feel uncomfortable asking for help, or when the application of new technologies distort logical thinking.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.