I'm sick of this attitude of "Always be super nice and make sure you over mother your users" crap. You know what: If my car engine seizes because I haven't changed the oil, no one tells the car makers or the mechanics they didn't do thier job right. If I leave the oven on all night and get CO poisoning, no one blames the oven maker for it. If someone doesn't buy renter's insurance we don't blame the apartment owner for them losing their net-worth.
PCs have been almost ubiquitous for 20 years now. For my entire freaking life I have been hearing about how "you need to back up your data". We have consistently made better and better backup tools, like mozy, or backblaze. Yet somehow it is our fault some idiot decided "It won't happen to me!". At some point, we just have to have the users be a tiny little baby step of a bit responsible for their stuff too. Just like accounting makes people responsible for their inventory and expense reports. Just like HR makes people responsible for their own insurance stuff. Sure they help, but crap - people need to be a little grown up in their lives and actions.
Just because this person did not bother to find out about backups from her IT does not make it ITs problem. Hell, you don't even know if there was or wasn't the ability for backups in place. Most university IT shops have lots and lots of capacity and backup options in place -- and they are documented, they just don't force users to do it. You know why? Sanctimonious asshats come from the other direction then, complaining not about how IT must mother the employees, but instead must back off the draconian rules to make users feel more welcome.
tl; dr -- Users should be held to some standard of responsibility and IT is damned when they do and when they don't.
Just because this person did not bother to find out about backups from her IT does not make it ITs problem.
It was IT's problem before this person ever came along. That's the whole point.
A few quick questions:
1. Are you capable of implementing an IT infrastructure where it is impossible for a user to lose mission critical data? If not, then you're incompetent. Move along, please.
2. Are you willing to implement an IT infrastructure where it is impossible for a user to lose mission critical data? If not, then you're
insubordinate. Move along, please.
3. Is it possible for a user to lose mission critical using an IT infrastructure that you have implemented and administer? If so, then you have a problem. Fix it.
Again, in an institutional environment, it is not the user's responsibility to safeguard mission critical data. By definition, this is one of the primary responsibilities of IT.
(Here's a hint: Mission critical data ever on a c: drive = IT failure)
I'm sick of this attitude of ...
And your customers are sick of your attitude. Thanks for demonstrating my point far more effectively that I could ever verbalize it.
Bullshit. The vehicle fleet manager doesn't make it impossible to run out of gas. The accounting department doesn't make it impossible to max the corporate credit card you have. They provide infrastructure, you have responsibilities in it too.
Further, and I'm really really suggesting you read this slow, and look up words you don't understand in the dictionary, universities just don't work this way. There is no central authority that can force this sort of behavior in them. The researchers themselves push for it, and the people who pay IT then demand it be set up that way. No matter how nice it would be to force backups -- IT can't override the fucking dean. Researchers are to be given autonomy is the usual directive. This leaves IT to provide easy access infrastructure, but not go that last step, as they are forbidden.
Are you sure your customers love your "DO AS I SAY IT IS THE ONLY WAY DAMMIT" attitude? Having dealt with sanctimonious asshats like you many times, and further talked to the mormons and jehovia's witnesses at my door, I realize my words won't sink in, but I will make a futile attempt anyway: Give up the judgemental bullshit. Your way is not the one true way. Your smug little smirk makes lots of people fucking hate you, and you know what, you don't even realize they smile and agree with you just to get you to shut up and go away.
tl; dr- go jerk off to your authority some more, the rest of us have real worlds to live in.
It would be nice if you could channel that energy into something more constructive than personally insulting me. Others far more influential have tried and failed to do much with that.
I do care, however, how your behavior affects this community. Others smarter than either one of us have worked hard to keep it what it is. Please remember the guidelines:
2. Follow the guidelines yourself, the condescending crap doesn't fly too well, and is no more or less insulting than anything I said. Further look at the insults you directed towards me. Do you really think your insults don't count but mine do? That act you are committing there, it's called hypocrisy.
3. It is sad you must fall back on pointing out the guidelines instead of addressing the parts about how authority doesn't work according to your claims. It is either an admission of ignorance of how things really work, or a diversionary tactic to avoid having to admit wrong. (PS -- continuing hte diversion about guidelines doesn't change this set of conclusions, no matter how you justify it, the deduction doesn't change).
4. I've been here about as long as you have. Feel free to peruse my comment history. I gladly contribute nicely to non-moralizing discussions, and I call people out when they act disingenuous or jerky. Your attempt to change your moralizing into some sort of "look at me I'm a pillar of the community" is at best an attempt to pull some dirty politics style trick. This loses you even more of the moral high ground you pretend to argue from.
Any tools you use you should learn how to use first. That goes for a knife as well as a laptop. When I see people use stuff with sharp edges I invariably cringe as they point them at themselves and at others while putting force on them. Even passing the scissors from one hand to another comes with a protocol (sharp end towards the giver).
Laptops are powertools, use them well and they'll do you good, abuse them and they'll eat your research data.
Odds are the researcher messed up and uses the 'theft' as an excuse for something or other, otherwise that reward would have been a bit higher, $1,000, $500 of which is probably the second hand value of the laptop, that can't have been much data.
I agree with your basic premise that we collectively should help to make stuff like this impossible (dropbox is a nice step in the right direction making it easy to have multiple versions of your stuff) I just don't believe this particular case is a good example of what happens when 'we' fail. This user carries the blame and responsibility, not the IT staff there, nor the manufacturer of the gear.
Smart enough to use a laptop? -> Smart enough to burn a DVD once a week or so. Maximum loss is one week of data, and that's assuming you place those DVDs in a different physical location from the laptop.
Of course that's too much of an investment for such valuable data.
>. Are you willing to implement an IT infrastructure where it is impossible for a user to lose mission critical data? If not, then you're insubordinate. Move along, please
Bosses don't always let you stick truecrypt on everything, especially if they say, have macs.
Most companies aren't run by the IT guy, and no universities are. You don't get that authority most places.
Are you capable of implementing an IT infrastructure where it is impossible for a user to lose mission critical data?
Impossible? Why is perfection the standard? At a minimum she could have bought a $50 external drive at Best Buy, used the back-up software included in the OS, and the probability of this outcome occurring drops substantially.
This is basic stuff that anyone doing cancer research should understand. The fact that she admits to feeling guilty is an indication that she knows better.
Blaming the IT department, in this instance, would be like not brushing your teeth and blaming your dentist when they start falling out.
Emphasis on Mission critical. We're not talking about an arcane enterprise IT organization keeping you from going on Facebook (or HN for that matter) on your lunchbreak, or considering an upgrade to IE7 over the course of 2011.
We're talking about mission critical data. Data, without which the mission cannot succeed. It was not even backed up. That's not the users fault, it's a systemic failure of the organization, a failure it was/is ITs responsibility to fix.
The problem with those analogies is that they're due to physical properties which the designers of those cars, ovens, and apartments couldn't control.
Oil can't be regenerated. When gas burns, it emits CO. Catastrophes that might hit an apartment are usually out of the architect's control. There are protection schemes, but they're only protection, and they're often expensive.
In contrast, software authors are working in a world where they define the laws of the equivalent of physics. It's hard to define them so that nothing bad can happen, and they may be expensive in terms of memory or time, but there's still a big difference between problems in software and problems in the real world.
I create a new computer company, and put automatic backing up to my servers In said OS. It's part of the price when you purchase. It is fully encrypted, and strictly there to alleviate these problems -- you can always restore backups from our servers. You know what happens? It isn't heralded as a bright and sunny day where the evil programmers and computer wizard finally did something right. Instead it is the "Worst Thing Ever"(tm) and we are invading the privacy of millions. We must be trying to rape children and torture puppies. We will be branded as evil and Fox News will call for our assassinations.
Just because we make the rules of the software does not mean we make the rules of the society and people who use them.
You need a license to operate your car, not so with your PC.
{edit}
Some of your users might well be incompetent computer users and wont pass the "test".
I have often thought about why people dont do backups even when the new tools are easy for most to handle. I think the reason is psychological in nature.
Backup implies that you are at least cognizant of the impending disaster scenario. many people avoid even thinking about this, why think of bad news?. Engineers are accustomed to this way of thinking, its a different mental makeup, we shouldn't assume the general public shares this point of view, especially since most of the time they are led through their computing experiences by "wizards" and "guides" might as well be priests.
> You need a license to operate your car, not so with your PC.
I own a car, pay insurance on it, but never in my life had a driver license. My wife drives it, working on my insurance bonus. But since it's my vehicle, am still responsible for all the stuff around maintenance, meeting requirements for road worthiness, etc.
Perhaps that is the point, you shell off the responsibility to somebody else, pay some money to some 3rd entity and you have insurance, and you pay premium the more lacking you are in responsibility.
Thats not to mention the case that some insurance policies are a legal requirement, case in point car insurance.
So, like companies such as mozy and backblaze, which I explicitly mention? Essentially they provide insurance in the form of backups. Trivial to use too. I'm not sure of your point anymore.
Flip that "entire freaking life" comment around, and ask yourself whether the current IT schemes and the current common IT approaches are working as well as might be desired.
Whether the current IT plans have survived contact with the end-users.
If IT assumptions and approaches and plans aren't working and if errors are repeating, then IT is left to continue to spend on and work on More Of The Same and on Just Try Harder solutions, or IT can look at different approaches and different solutions. At performing some Root Cause Analysis, or whatever that might be called, and at shifting strategies and tactics.
Computer hardware and software vendors have the same issues, too. Sooner or later, the "blaming the users" for a repeating failure modes isn't going to be a viable product strategy, and somebody (else) then ends up owning the problems and the costs, or your product ends up cast aside.
Look to ways the most serious of these repeating problems can be eliminated.
Backups? IT has to expect some users won't do backups. Something akin to Apple Time Capsule with Mac OS X Time Machine is an absolute killer feature for home users. Your data ends up archived with minimal end-user involvement.
Passwords? How long will we repeat the IT password mantras? IT has to expect some users will continue to pick passwords. So what to do about that?
With a large enough breach or a large enough data loss, IT can be forced start deploying its own CA chains and certificates, and moving to tokens or analogous. Or backups. Or whatever. Why not start ahead of that breach?
As for alternatives and depending on your local user requirements, look to add and to migrate to embedded and tablet devices and automatic backups; trump the problems where you can. At certificate chains and VPNs. At automated backups.
Look for, but don't repeat mistakes.
...Don't expect existing mistakes to fix themselves.
...Don't assume that longstanding approaches and solutions are still the best available solutions.
...And don't plan that end-users will grok IT. They know and think about cancer research, or whatever their job is. Not about IT.
PCs have been almost ubiquitous for 20 years now. For my entire freaking life I have been hearing about how "you need to back up your data". We have consistently made better and better backup tools, like mozy, or backblaze. Yet somehow it is our fault some idiot decided "It won't happen to me!". At some point, we just have to have the users be a tiny little baby step of a bit responsible for their stuff too. Just like accounting makes people responsible for their inventory and expense reports. Just like HR makes people responsible for their own insurance stuff. Sure they help, but crap - people need to be a little grown up in their lives and actions.
Just because this person did not bother to find out about backups from her IT does not make it ITs problem. Hell, you don't even know if there was or wasn't the ability for backups in place. Most university IT shops have lots and lots of capacity and backup options in place -- and they are documented, they just don't force users to do it. You know why? Sanctimonious asshats come from the other direction then, complaining not about how IT must mother the employees, but instead must back off the draconian rules to make users feel more welcome.
tl; dr -- Users should be held to some standard of responsibility and IT is damned when they do and when they don't.