How is your IT staff retention? Are your IT professionals in it for the long haul, or are they just going through the motions waiting for the next best thing?
The solutions for retaining IT talent are relatively simple. It is not really about money — that is, unless you are paying them way less than they are worth. It is not even about certifications, degrees or job titles. Rather, it is about your IT staff members being heard and feeling like they are a part of something bigger.
As life has taught us, there are three sides to every story — yours, theirs and the truth. Having been an IT manager (the yours side), a network administrator (the theirs side), and an independent consultant (arguably the truth side seen from an unbiased perspective), I have experienced and witnessed a lot of mistakes over the years that have caused a great deal of frustration and cost a lot of jobs simply because management was not in tune with what their IT staff needed. Here are some of the mistakes I have made and witnessed other people make over the years that can negatively impact IT staff retention along with some things you can do to fix the issues:
1. Lack of tools to get the job done: In order to be effective in IT and information security, you need good tools, period. Listen to what your staff is saying and give them the tools they need. By this I mean tangible tools. Items that come to mind are things like a commercial network analyzer, a security vulnerability assessment tool that finds the flaws that matter, a subscription to the Microsoft Developer Network (MSDN) that provides the latest and greatest versions of Microsoft software and development tools and a user identity and access management system that allows them to get their arms around a complex process that creates unnecessary work and risks. Many such tools are not inexpensive, but that should not be the determining factor. They are a necessary part of doing business — especially if the job is to be done efficient and correctly the first time. Make sure your annual IT budget includes these types of purchases — both acquisition costs and ongoing maintenance costs. You will not have to pay an arm and a leg if you shop smart and make informed purchases.
2. Being made the scapegoat: We have all seen IT projects that struggled or failed in some way or another. The project might go out of scope, over budget or is unable to meet deadlines. There are also the dreaded server upgrades or migrations that cause everyone’s e-mails or network files to magically go “poof” into the bit bucket. There is no doubt that certain IT projects go bust due to lack of skill or people not taking personal responsibility; however, the majority of them fail due to improper high-level planning and oversight. Inevitably, the worker bees take the heat, even for issues completely out of their control. Instead of pointing fingers — especially publicly — learn from the mistake, vow to keep it from happening again and move on.
3. Lack of training: So many people in IT are denied professional training year after year and I do not understand why. I always hear “there’s no time for it” or “it is not in the budget,” which is completely inexcusable. Allowing IT staff to expose themselves to new information so they can learn new things year after year is critical to their success. It is their livelihood and it is your business’s livelihood. Put formal training — classes, seminars and conferences— into your IT budget, or build it into their compensation packages to get your employees out of the office to learn and network with their peers. If the proper training is chosen, the return in intelligence and morale will be enormous.
4. Right person for the wrong position: I often see network engineers, solutions architects and software developers that are clearly in the wrong position. Sometimes it is a serious lack of technical knowledge or experience, and other times it is a techie that does not interface well with customers. Understand the strengths of each of your IT staff members. Whether individuals have great communications with customers, excellent technical abilities and so on, make sure each person is set up for success.
5. No recognition, no respect: Perhaps the biggest missing link required for retaining IT employees is the lack of appreciation of their accomplishments. Contrary to typical workplace practices, praise rewarding positive behavior is much more powerful and effective long-term than strong words condemning negative behavior. Show interest in the success of your employees and make your appreciation known and highly visible every chance you get. If you set a good example and expect them to succeed, they undoubtedly will.
If you incorporate these items into your management style for the long-term, I guarantee the difference in your IT employees’ attitudes and aptitudes will be crystal clear. A neat bonus is that these ideas will help stave off complacency and keep employees around — true benefits you cannot put a price tag on.
Kevin Beaver is an information security consultant, expert witness, author and professional speaker with Atlanta-based Principle Logic, LLC. With more than 22 years experience, he specializes in performing independent security assessments revolving around minimizing information risks. He has authored/co-authored 10 books on information security including the best-selling Hacking For Dummies currently in its 3rd edition. Kevin is also the creator of the Security On Wheels information security audio books and blog providing security learning for IT professionals on the go. You can reach Kevin through his website www.principlelogic.com and follow him on Twitter at @kevinbeaver.