Sometimes education just isn’t enough

Last week, I started making my perennial pitch for more end-user education as a means of securing the Internet. I’m a firm believer in the efficacy of formal training as well as informal methods. Plus, it appeals to the shreds of my belief in the goodwill of most people.

But there are limits to what training can accomplish. When a company’s in-house training depends on the IT staff’s ability to make the time to offer the course, there’s a problem. In general, IT folks rarely make good trainers. I’m not sure whether it’s a conflict between the personality types of the people who wind up in those jobs and the training task, but there’s usually something that doesn’t mesh.

This problem is even worse in smaller shops, where training budgets are often exhausted by the purchase of a “For Dummies” book, and one or two people are the IT department. These unqualified teachers are then asked to patiently explain to new hires where the Start menu is and what to do when the printer jams. This only leaves time for the poor schlub to say, “Don’t open any strange attachments” before HR whisks the fresh meat off to fill out paperwork.

I used to explain to a previous boss who pressured me to offer hand-holding sessions that I had no experience teaching typing or driver’s ed, and furthermore, my understanding the technology at a deep level was actually counterproductive to explaining it at a basic level. He didn’t get it and I eventually left for greener pastures.

Ultimately, there’s a class of users who are totally education-proof. This is the salesman who has to have his hard drive replaced every four or five weeks because he smacks his laptop around after he botches a call. Or the superannuated executive assistant who never met an attachment she didn’t like. Or the person who sets up an unauthorized wireless AP so he or she can work from the coffee shop across the street. Some of these users are on their third or fourth reprimand from IT.

Remember what I said a couple of weeks ago about “fool me twice”? Well, it could apply to this discussion as well. When end-user education fails, the end-users need to know their jobs are on the line. Even if the probationary period is past, IT needs to be the authority that pulls the plug on problem users or, at a minimum, be able to charge a premium support (a.k.a. ID10T) fee to the meatheads’ departments.

Of course, firing someone for a single mistake is a bad idea. But firing someone with a track record of bad judgment is just sound business practice. Why should it be any different because a computer is involved?