OK, everybody else writes their “top issues of the year” posts in January. Silly me, I thought I’d wait until I actually saw what the issues were. By now, I’m pretty sure about the ones below. These issues are not all that new. Pundits have been yammering about them forever. What’s different is that they are actually hitting our sector now.
It’s no coincidence that TAG, the largest association of IT managers at foundations, has chosen “Knowledge: From Collection to Protection” as the theme for this November’s conference. While it’s been talked about for years, knowledge management is now becoming something foundations and nonprofits are hiring consultants to actually do.
Two causes seem to be responsible. First, there’s big data. We’ve all heard that most of the data in the world has been produced in the last few years. The good side is that we get a lot more to study. The bad side is that it’s clogging up our operations. Even smaller organizations like foundations, whose staffs rarely number more than 50, are finding it harder and harder to locate the knowledge they need. This is particularly true for documents. Over time, years of haphazard storage on shared drives result in a mess to navigate.
The second cause is related to the first. Over time, the people you’d ask where to find something retire or go somewhere else. After a certain point, turnover takes away this usual way to cut through the clutter. If, for one reason or another, turnover is unusually great, this can be a real problem.
Fortunately, the forces of order haven’t been standing still. People are getting more familiar with techniques like de-duplication, retention policies, file and folder naming and metadata. Technologies with which you can use these techniques are getting simpler and less expensive.
Collaboration is closely related to knowledge management. You can even say that knowledge management is a form of collaboration. Since the birth of the PC, each of us has been putting files away so that we could find them again. Now we have to store them so that other people can find them. In the same way, we change how we work on information so that others can do it with us.
Increasingly, we work in groups, and we need to get good at it. This isn’t as easy as learning to use Microsoft Office was for individuals. To even experiment with collaboration, you have to make arrangements with other people.
At the same time, so many technologies for collaboration have come along, both for file sharing and for collaboration in real time. In some organizations, this has resulted in different groups using different systems, with consequences for, guess what, knowledge management. It’s hard to find something on a Google Drive to which you haven’t been invited.
Another thing driving collaboration technologies is mobility, because everybody wants to be able to work from anywhere, anytime. This is not all that new, but what is new is that the people who want this are winning. It’s become a consensus that IT has to adjust to and provide accordingly, and one way to do this is with a good, cloud-based collaboration system or two.
After a period where we thought we had security in hand with firewalls, intrusion protection, anti-virus and anti-spam, new security risks have popped up, basically for three reasons.
First, stealing other people’s information has gone from being a hobby to being a profession. Very serious, capable people are making a career out of breaking in. It’s generally said these days that no organization can expect to deflect an advanced persistent threat forever, and the really bad news is that foundations and nonprofits have begun to become targets for this kind of sophisticated attack.
This can happen for a couple of reasons. First, nonprofits are not known for being highly security conscious, and many of them are small. Nevertheless, they may take credit cards. The combination spells easy pickings in some cases. Second, foundations and nonprofits often help people who are in conflict with hostile governments or other interests. For example, activists for a free Tibet have been identified from records on supporting organizations’ sites. Some major foundations have been attacked, presumably because of people with whom they have been in contact.
A second main security trend today is that firewalls may be the target less often than people. Spear phishing, cleverly crafting emails that entice a person to click on an infectious link, has become an art. In addition, people at some organizations are neither trained nor restrained enough to keep confidential information from getting out. Not everybody in the organization has signed nondisclosure agreements. Not everybody understands what is confidential. Data loss protection systems are rare in our parts. A lot of information can get into the wrong hands through mistaken voluntary activity.
Third, it’s been the case for years, that the attackers and defenders are on a merry-go-round where one will rule for a while and then the other will get stronger. The bad guys simply seem to have gotten a little ahead, but we’re making a comeback.
Large organizations have known for years that part of IT is helping with the organization’s non-technical business processes. This is particularly true because workflows and the technologies that support them are intertwined. A lot of the smaller nonprofits and foundations are only now getting to the point where this has become an issue. Grants management systems, CRM, financial systems, collaboration and file sharing all have areas of overlap with how business is passed on from one person to the next. If the processes aren’t right, you can’t fix them with technology.
Large organizations can hire business process analysts or folks with similar skills to coordinate the effort to reform these processes. Smaller organizations usually try to do it by committee. In some cases, this doesn’t seem to be working, so it’s becoming a question of finding the right consultant.
A lot has been made of the fact that the cloud has changed the role of IT by taking away the need to tend servers. What has been less obvious, perhaps, is that users’ expectations of IT have been changing, so it’s a good thing IT may have a little time freed up.
“Consumerization” means a lot more than new personal technologies coming into the organization. The fact is that it’s now often easier for individuals to get things done on their own than it is to do them with the technology supplied by IT. Users are wondering why.
If users’ rising expectations are matched by an IT department that is used to hanging out in the data center, a big gap can develop, and IT can become disliked. More attention often needs to be paid in areas like assessing user needs, suggesting new technologies, providing better training, and offering proactive tech support instead of simply fixing something that goes wrong.
Mobility and collaboration are making it possible for users to do more with people outside the organization, too. The locus of IT effort is shifting from the back office to the ongoing, varied IT activities of each worker. This takes a real shift in IT’s mindset, in some cases.
It’s easy to forget how many nonprofits and foundations are small organizations. This is particularly true for foundations. Their budgets may be quite large, but the staff is proportionally much smaller than you would see in the private sector. The result of this is that the vast majority of foundations, for example, do not have a full-time IT manager. Only the largest few hundred do. This means their IT needs are taken care of by consultants.
But as the needs of organizations come to involve applications, collaboration, documents and knowledge as much as infrastructure, the traditional infrastructure-oriented consultant may not provide everything the organization needs. The question becomes, who will?
Usually, super users, managers of departments closely associated with applications, and people in places like Operations fill the gap for a while, but as the issues we’ve discussed above grow more serious, with their corresponding movement beyond infrastructure and out into the population, these “accidental” IT managers get overloaded.
Is it time to hire that internal IT manager, or is it time for an outsourcing arrangement that covers more than infrastructure and fix-it tech support?
Finally, in making the adjustments between IT and users, among infrastructure, applications, collaboration and outsourcing, who plans and decides? In a time of such transition, sometimes the structures in place have to be redone. This can be either simply to manage the IT function better or more broadly to ensure that change is managed, applications are adopted, and everybody’s opinion is respected. In some cases, it’s a lot of work to get a plan and a series of decisions that keeps up with what the organization needs. What process works?
In the next few years, all of these issues may come to a head. I bet your organization is struggling with a couple of them right now.