Stevie Eccleson, IT security manager at Hutchinson Networks, discusses how the role of an IT Manager has changed, and looks at the new challenges that come with working in a fast-growing technology company.
Is ‘Internal IT’ treated with suspicion?
Firstly, I think it’s important that Internal IT sends staff the right message. We don’t have an office, so we can never close the door. We stress that we’re always available, especially for new members of staff.
During the onboarding process we point out where we both sit – if it’s my colleague doing the induction he’ll point out where I am, and vice-versa. We want to make everyone feel that if they’ve got an issue that they can approach us. If IT sits in a room waiting for something to happen, they aren’t helping themselves and have already lost the battle in building rapport.
Before we speak to customers, I think we must start off on the right foot internally – to develop the infrastructure and never stop forgetting about what we’re all about. If we provide a responsive service to our staff, they can provide a great service to our customer base.
Most of the feedback we get from our colleagues is positive, but that’s not to say that we haven’t faced negative reception to items we’ve introduced too. Some of it’s been warranted, some of it maybe not so warranted. I think it’s about giving advice when it’s needed, no matter how silly it might initially seem in your head.
What skills do you need to succeed in Internal IT?
The art of diplomacy is not just saying “no” and closing the door. It’s the art of finding a middle ground.
IT along with other shared services must work with every part of the business, from the CEO to the intern who has just walked through the door, and everyone else in-between. So, communication skills are fundamental in this line of work.
How has the role of an IT Manager changed over the years?
The role of the IT Manager since day dot has been to provide assistance to the company and the company’s customers. Over the last decade that I’ve been an IT manager, I think that technology has vastly changed, but I see a lot of similarities endure in the backbone of the role.
You’re still responsible for maintaining the systems, you’re still responsible for keeping everyone happy within the organisation, you’re still responsible for uptime and running an efficient helpdesk. You still have to get your hands dirty, maybe not in a day to day basis, but certainly every other one!
What role does IT play in setting the culture of the business?
The mantra that I tell my colleagues is: “Don’t sit on something, come and talk to us as I might be able to help”. This doesn’t always lead to a perfect resolution, but the next steps can often be sitting around the same table, resolving issues and working out a plan together.
IT can no longer hide behind doors. I am privileged to have highly experienced staff that I can speak to, whether it’s the CTO I report into, the Architecture Team or experienced engineers. If there is an issue, they normally have a solution. But it’s not just the senior staff that can help. I know I can give our Systems Administrator Jamie a job and he can go out on his own and investigate solutions.
It can be intimidating when you first start having technical authorities in the business you work in, but by sitting down with people you can often find new solutions to your challenges. For example, when implementing an Active Directory server for the organisation, I had a meeting with Neil Baillie who’s the Principal Architect for Global Services to discuss the best way forward to design the AD estate.
He demonstrated ways in which we could design it to be interoperable with other parts of the business, such as Cisco Unified Communications, WebEx, Sophos, Azure and Office 365, essentially creating a single sign-on solution for all staff. We are still on that journey, but it’s now all achievable!
Is the scope of an IT manager’s work is more than just keeping the lights on?
It’s never just about keeping the lights on. I think internal IT is an integral part of any business. It’s a little like marketing – in order for an organisation to function and to be able to grow and do its own business it needs to have a strong foundation.
Many workplaces – too many – are like the Wild West. There’s no internal IT and no control systems – like forcing users to authenticate logins or controlling rules via group policy – nothing like that. These days IT management is much more about creating and maintaining proper, regulated systems running the backend.
What are the key challenges in your role?
Accreditations are a pinch point for me. I can receive complaints from members of staff, when in fact we in Internal IT are simply trying to put in some governance and order in place.
Order only comes when best practice is followed unconsciously, and that’s what I aspire to achieve, and deep down I know that’s what we want to be as a company too.
Official compliance has been a key focus for me for quite a while and it’s fundamental to make the other members of staff understand where and why compliance matters. It gives your customers confidence that you are following good guidelines and what we want to be as a company.
In terms one of the main official standards, ISO 27001, there’s a list of controls that they recommend all companies should stick to if they want to be certified by the Government and trusted by their customers.
You can’t please everyone, but if you can please the majority, you have a made a big stride forward.
You have to take those systems and the way that you implement them seriously. Even when you are ISO 27001 accredited it doesn’t stop there, then it’s about maintaining the systems you put in place through continual revaluation of business practices and making sure you maintain those high standards.
I look at things like our gap analysis to understand how far we are away from accreditation compliance and preparing ourselves for an audit.
When you’re accredited and trusted, this opens many other tools to help your organisation grow, like attaining new business or getting into government tenders. Those tangible outcomes are the reward for all the internal IT work.
What impact has the rapid growth of Hutchinson Networks over the last 12 months had on Internal IT?
It’s been challenging. I think when I joined there were just over 50 members of staff, and now we’re up to 120 or so within 12 months. One challenge for us here is the onboarding because we’re educating many new-starts on at once – I think one instance saw ten new-starts in one induction meeting.
This brings challenges in terms of getting employees set up on the network quickly, ensuring that they’ve got all the relevant software programs installed and not overlooking things like leaving computers unattended.
At one point it was one or two people were starting every week for three to four months – meaning physical infrastructure has had to be reinforced too.
What are your goals?
Day to day, security is a constant focus. This could be enhancing our physical security, such as door locks or having extensive CCTV coverage in the office. But it’s also about embedding a culture where employees and third parties are aware of risks and know how to report incidents.
My immediate goals are focused around our accreditations. Having achieved Cyber Essentials, Cyber Essentials Plus is the next goal as well as working towards ISO 27001 certification.
Right now, we are producing training materials around security issues such as phishing attacks, introducing two-factor authentication in business-critical applications such as 365, and other projects like that. It never stops.
What personal goals do you have?
As Hutchinson Networks grows, I would like to see myself growing with the company as a Chief Information Officer. I think I’m moving slowly towards that post-certifications, and it’s a matter of ensuring that as we grow and as we develop as a company that we keep our eyes on proper IT security practice.
Hutchinson Networks is ambitious and if it continues to expand in size then more employees mean more requests for IT resources. This could mean the IT department will become even more agile, which may mean more round the clock support for internal staff, similar to the external support we offer customers through our Network Operations Centre.
I will ensure that we migrate and adapt to new situations and conditions and that the overall department will develop to the ever-increasing challenges that the business brings.
How is Hutchinson Networks different from working in a large organisation?
I have worked in very large private sector businesses and big public sector organisations too. Thanks to its smaller size Hutchinson Networks is more agile, moving at 100 MPH in comparison.
So, in Internal IT, we need to be responsive, especially when we need to enable a new solution to help a staff member who is then liaising with a customer.
We need to be dynamic and implement solutions quickly, and this, in turn, means being collaborative is fundamental. I have worked in IT departments where its “collaboration at gunpoint”. That simply doesn’t work.
I love how having to get from A to C, without passing B, it forces you to problem solve in new and challenging ways.
In any organisation a sense of humour is important, sometimes a little bit of laughter can genuinely help alleviate the day to day challenges we all go through.
At Hutchinson Networks we don’t batch requests for service, we prioritise and then work through the issues face to face.
I am lucky as other IT departments and managers can take a long time to get things done, and then things can get batted between various people before a decision is made on it, only to go on hold again.
I think we’re much more dynamic here. There’s genuine thought exchange in meetings between leadership members and staff, there’s collaboration going on all the time and no-one fences themselves off, least of all Internal IT. We are no longer all separate business units working in silos. It’s about reacting and responding together as one.
I believe we are all in this together, none of us are perfect. You can have the best IT qualifications, but you will struggle in IT if you can’t communicate.
What motivates you?
I enjoy continual learning, looking at new technologies. At Hutchinson Networks learning about the benefits of our cloud services has been a real eye-opener.
My Mum and Dad instilled a strong work ethic in me. It wouldn’t matter if I was driving a bus – I would give the role my best. So, achieving goals gets me out of bed in the morning.
Personally, I am driven to succeed in my career, I am a long-term goal setter, so I’m currently looking at the advanced qualifications I need to become a CIO.
What do you like to do on your time off?
As those around me would testify I love music, sometimes signing a tune or two in the office. I grew up a raver but also love indie music – I’m stuck in the nineties.
I am a bit of a geek at heart, so I love watching Red Dwarf or video gaming with my son. Running is also a vital part of my life, it’s my release and gives me time to process the day. In my trip along the M8 from Airdrie to Edinburgh, I often listen to podcasts.
I love and admire US sports, particularly American football and basketball. I love the dedication the professional athletes show to be the best of the best.
I also love to travel and each year I try to go to Asia so we can spend time together as a family. This year I’m off to beautiful Bali. That’s the exception – for those two weeks, my work phone’s getting turned off!