sandwichesandapples

For starters, I think I’ve completely learned my lesson about suggesting innovation in a corporate environment. I’m just not going to do it anymore. It frustrates me more when they won’t move on anything. Unfortunately, and unhealthily, it just encourages me to sit back in my smugness and watch as they project manage with spreadsheets. But that’s easier than hoping they’ll innovate and watching them stagnate. So forget that post I just made on not being snarky.

I just brought up to one of my corporate overlords what I posted about here: that we should adopt a more web savvy approach to project management. He pointed out that everything that’s being done on spreadsheets could be done in SharePoint but users don’t want to have to learn something new.

Is that true? We hear that so much that it’s almost a tautology. I mean, don’t we all feel that way: that once we’re comfortable with something we don’t want to have to learn something new? That’s why so many office workers turn to Excel for everything. They know it already.

Here’s another perspective:

Users don’t want to learn a new piece of shit.

SharePoint is made by Microsoft and I’m sure it will come as a total surprise to you that it isn’t user-friendly. Naturally, it doesn’t look like its developers are remotely aware of the past decade of developments on the web. It includes features like a Task List and a Wiki but neither works in a way you’d want them to. The Wiki has nothing in common with actual wikis. And the task list takes several steps to add a task while simultaneously not giving you all the features you’d need in a task list.

It’s got a calendar that works all right. But similarly, the method to add an event to the calendar doesn’t quite make sense. If there’s another even on that day, you have to view it and then add your own. So you’re a bit confused if you’re adding to the existing event or to the day.

There’s a simple reason Google’s suite of tools are so amazing: they work. They work naturally and intuitively. Stick Google Calendar in front of someone and it won’t take him long to figure out how to add an event to it. Gmail may work differently than most other email apps in its conversational-style view but there’s no learning curve required to use it. And once you do, it seems natural.

Too often, we are afraid of using new tools whether on the web or in the physical world not because we’re actually neophobic but because the designers and developers of those tools haven’t put the proper care into make them work well.

The solution to getting people away from using antiquated spreadsheets for project management isn’t to move them onto another shitty tool like SharePoint. The solution is to find a tool that works easily and intuitively. Or build it. We are the web team for Christ’s sake.

A couple of weeks ago I wrote a quick post about Staying Safe and Secret Online at Work in which I talked about TOR. In addition to keeping your browsing secret I pointed out a very legitimate work-related function I have for TOR:

TOR is also useful to me for my work. Because I work in the web department and our IT department has a lockdown on the web servers that we use, it’s a tremendous pain to try to get them to set-up anything out of the ordinary scope. So a few weeks ago, my bosses bought their own commercial hosting to use as our playground. The problem was that they couldn’t even login to our new hosting control panel because the corporate firewall blocked it. I told them about TOR and we got around that obstacle.

This morning my supervisor asked me if I’d gotten any emails from IT about TOR. I said I hadn’t. He said we were allowed to use it anymore. I replied ironically, “I’m shocked.”

A few things:
1) I never assumed we were “allowed” to use it. I wasn’t going to call up IT and say, “Hey, I know a way around your pain-in-the-ass corporate firewall. Is that cool?”

2) How did they discover we were using it? My guess: human intelligence. I had really debated whether to tell my superiors how to get around the firewall in order to use our third-party web server. Now I know I shouldn’t have.

2a) The real kick in the pants is that we’ve never used our own web server even after I got us access to it. Corporate bureaucracy is corporate bureaucracy. My superiors would rather go through all the legit, nonsense channels rather than upset the status quo and use a non-corporate web server to accomplish our tasks faster and easier.

3) I’m using TOR right now. Short of them uninstalling it and then locking my PC down so I can’t install my own programs, I don’t know how they can block it. There probably is a way. But they obviously haven’t found it yet.

4) Bottom line, while TOR may keep you secret, the fact that you’re running it may not be a secret. So use wisely.

UPDATE: My supervisor showed me the email from IT. They didn’t mention TOR. They only noticed that a few of us had installed Privoxy which is packaged with TOR. At least, that’s all they say they’ve noticed. As I pointed out before, you should probably assume IT knows everything you do on your computer all the time. But at least I got a little clarity on what exactly seems suspicious to them. They didn’t say, “your employees are visiting forbidden sites” only “we see you’ve installed a program that might possibly be used maliciously.”

Still, I keep learning that “dynamic” web team or not, we’re still super corporate and there’s no point in telling my superiors about anything “hacky” even when it improves our work. They won’t take advantage of it anyway.

At the major corporation where I’m currently a contractor, the managers of our web team habitually remind us (and themselves presumably) that we operate outside many corporate boundaries. While it’s certainly true a lot of the time, we’re still amazing slow and corporate and, frankly, dumb in many other aspects.

One example, in my role as a contractor, I’m charged with prepping many different sites for launch. To launch them we must coordinate with the IT department. To date, IT has not figured out how to make sites resolve correctly with or without “www.” They launch only “www’” so if you’re below the age of 40 and don’t type “www” when visiting sites, you’ll get an error.

They’re still trying to figure out how to budget this separate task. If you’re not an internet professional, you may not know: this is not a difficult task and should never be “separate.”

These bureaucratic challenges are par for the course. But then this happened:

Last week we had an 8am Monday morning meeting (something a real web team would never do. 8am? Monday?) to dicuss our project plans going forward. Following the unimaginative PowerPoint slides, they revealed our new project management tool:

An Excel spreadsheet.

ADDENDUM: Excel spreadsheets certainly have their places but you’d be hard-pressed to convince me that project management is one of them. Basecamp is an online collaborative project management tool from 37signals. dotProject is an open-source project management tool that can be installed on your own web server. Likewise, ProjectPier (though I was never impressed with it). And I can’t wait to sink my teeth into TaskJuggler. OpenFire is an open-source collaborative server. Heck, even this Tiny To-Do List would be cool. These are solutions that take advantage of the accessibility of the web and the collaborative aspect of web projects. Think differently.

After re-reading my post on corporate insecurity, I added the tag of user experience because one of the main victims of all the nonsense corporate IT security is the experience of the end user. It’s awful. Users have to keep up with tons of password and ID combinations. Rarely do the passwords expire at the same time. Often the password requirements vary. It’s a completely terrible experience. And IT seemingly doesn’t care.

The point I was making in my previous post is that they’re not actually making the company more secure. Because of the multiple passwords and IDs and requirements, users resort to insecure methods of remembering them. At one company where I worked, it was common knowledge that everyone had a Post-It stuck to the underside of his keyboard with the system password on it. This was in case an employee was out and the group needed info off that computer.

My current boss made a comment this week that if IT had their way, they’d shut down all IM programs including the one we use officially in the company.

In this way, IT departments are tiny fascists insisting that they’re making us all more secure by sacrificing our electronic freedoms. And this notion is wrong and old-fashioned.

So in my corporate contract position, I am put through the usual nonsense for an employee regarding IT security. My computer has a start-up screen that requires a user ID and password. Then I have a required system password just to get to Windows. The file management program we use for the website has an ID password. I must enter my time into two separate programs each of which require completely different IDs and passwords.

Various other programs require passwords as well though, for the most part, they just use the system password. Nonetheless, it’s a whole lot of user IDs and passwords. At least five different combinations, none of which expire at the same time.

Last week my system password began the incessant and irritating countdown towards password obsolescence. Each day, the two login systems reminded me with a loud beep and a pop up window that my password expired soon. Also, I received an email each day reminding me of the fact.

I let it all go. If the IT department wants to play by these stupid rules, then let them. My password expired over the weekend.

On Monday, I started up and was prompted to change my password. I did. The second password screen which boots me into Windows didn’t allow me to change the password after expiration. It simply said “This user has been disabled.”

So I called the helpdesk. To make a very long story short, it took them two hours to reset the system password for me.

At the end, I had a brand new password to remember.

So I wrote it on a Post-It and stuck it to my desk.

Is the company more secure for all that?

When your business gets big enough to cubicle your employees, your business has gotten too big.

I’ve taken a corporate contract job for reasons I may or may not write about here and I’ve now been in the position long enough to be pretty dulled by the buffoonery of the whole enterprise. I’m in the web department doing front-end code for a major company on a very specific project so I know my experience doesn’t reflect the entirety of their web business. That said, what this corporate business has done is not streamline their business to work better online but instead taken the speed, flexibility and general all-around usefulness of the web and reduced it to the drab, over-bureaucratized, over-analyzed snail’s pace of every other aspect of corporate work.

Take for example their “content management system” — a dinosaur called TeamSite from a company called Interwoven. I put “content management system” in quotation marks because it actually isn’t a CMS but instead a file management system. The corporation has never implemented the software as a CMS (I don’t know how long they’ve had it) so all TeamSite does is upload files to their server. But in a slow, byzantine way. It serves no purpose to have an expensive piece of software like this and use it as a shabby excuse for an FTP¹ program.

We are promised an expansion to TeamSite called SitePublisher which will give us very powerful content management and presentation tools. I’ve seen several demos but I have yet to see any feature that isn’t found in the best open source CMS software and many features lacking that are out-of-the-box in WordPress. (I’d put Joomla and Drupal up there as enterprise level open source CMS packages even though I have very limited experience with them so I can’t speak to their features.)

Yet in the meantime, as we await SitePublisher, we are unable to simply put our new project online. It must first be “imported” into TeamSite and then deployed to staging (the permission to do this has so far been denied me by the IT department). Then someone with permissions even higher will deploy to the actual web server.

If this all sounds like Greek to you, let me simplify: armed with WordPress MU and $120 for a year of commercial hosting, I could have 40 sites on line within two weeks. I would charge substantially more per hour than I receive as a contract worker but I could have it done.

The web encourages immediacy, action, engagement. And I know I can’t stay for long in a position which denies all that to its web department.

¹ File Tranfer Protocol applications are programs that connect to a web server and give the user a file view of the files on the server and the harddrive. Users can simply upload files from their harddrive to the web server and they’re live on the site.