For those not familiar with the structure of subways, the third rail is the one that carries the power for the trains. Under no circumstances do you ever want to touch it. The phrase “third rail” has made its way into political discourse as a description of a “no-win” issue — something that should be avoided at all costs. In corporate IT, email and the increasingly sophisticated messaging structure that supports it are third rail issues.
As I said, the third rail is what carries the power to a subway train or electrified rapid transit. Should you be so unlucky as to find yourself on one of those tracks, it’s safe to touch the two rails that the train runs on. But you don’t want to touch the electrified third rail. So why are email and electronic messaging figuratively considered the third rail?
Well, you would think that most CIOs would embrace a change to their email systems. In many shops, email generates an overwhelming number of complaints. In the days of BYOD and remote access, not only has the frequency of email complaints increased, but the difficulty in resolving them remotely and across various devices has increased exponentially. But it’s not just email and messaging that we have to watch out for. With email comes threats and annoyances. The major point of entry for spam and malware is, of course, through the email system. Spam, antivirus, and new activities such as heuristic filtering are complicated by the requirements for speed and reliability. Tighten your filters too much and you lose email; loosen them and spam becomes an issue. Constant upgrades are required to all components. Many new viruses and worms specifically target old vulnerabilities when systems have not been updated. It’s high maintenance.
All of this is done in the context of urgency. Email is a service that people simply cannot live without. I’ve seen the failure of a mission-critical production system generate less attention and emotion than an email outage. Indeed, some might argue that email is a mission-critical system. Interrupt email and everyone, from the shop floor to the C-suite, will make your life miserable.
What might be even worse than interrupted email is when it becomes unreliable — even marginally. People expect instant response. They expect 100% reliability. One of the worst problems to deal with is not someone missing all his or her email; it’s “I didn’t get this particular email.” Similar to that intermittent noise in your car that disappears only in the mechanic’s bay, intermittent emails are a killer. How do you answer that exasperated user who says, “What else am I missing?”
Technically, unless you luck out and can find the item in a spam folder, how do you locate an email that you never received? There are so many places to look and, frankly, you get good at it because you never want to have a question about whether your email server has gone rogue and is just arbitrarily discarding email. At that point, no amount of technical assurance will convince anyone. So you spend a lot of time pursuing any missing message even when you sometimes suspect that the problem is that the email was never really sent or was simply misaddressed.
This is one of the biggest psychological barriers for me as a CIO and technical advisor. And I admit it openly. Our current email infrastructure was a monster. It was a frequent source of problems and issues. It needed constant babysitting, and everyone hated it. But what if my new collaboration infrastructure had problems? What would we do?
My answer was what I call the “Tom Sawyer maneuver.” Remember Mark Twain’s fictional hero who, when faced with a task he didn’t want to do, convinced the other boys that whitewashing a fence was such fun that they begged him to let them try it? That’s the approach we used on our email/messaging platform. We did a pilot with a select group (they had to be volunteers). Of course, I was one of the early adopters as well. It’s the same reason that even though I’m a dedicated Mac user and I have the clout to have my own hardware, I use the same configuration and machine as every other user. You have to lead by example. So we had the conscripts (me) and the volunteers. We would let the demand spread from there. If we were right (and we were) about how the added collaboration and functionality would be desirable, we’d soon have people requesting to be in the trial group. That group would be our Tom Sawyer.
The group would also be our laboratory. When we hit problems (and we did), we’d manage them in a controlled group of volunteers. For instance, Google has a lot of great gadgets, but one of its dumbest weaknesses is the way it handles blacklisting. If you send out enough email, sooner or later everyone gets blacklisted by one of the many services out there. The reasons can range from legitimate spamming, being hacked, or occasionally simply offending the gods of technology who run these services. A simple error in configuration, even once it’s corrected, can put you on a blacklist. Now, I’m not saying that these services don’t provide value; they do. But some of them are set up by those who exhibit that worst of IT behaviors: they are never wrong. Some take such a bureaucratic approach that they make the old Soviet Union seem progressive. If you get on their list, you will have to follow whatever arcane and lengthy process they require. Of course, I could point out that many times you can buy your way to the front of the line, but that would be too cynical. The quick and dirty solution is often to just flip to a new IP address. Unless you are a mailing house or need to have a trust score for mailing, this is simpler than dealing with some of these problems.
You would think that Google has tweaked this issue to a fine art with its cloud infrastructure and flexibility. Nope. And with the way it distributes users, we had the unique problem of some of our mail users experiencing no problems and others blacklisted. It took us a bit of time to figure this out — and Google is not much help when this happens. This brings me to our second issue. Google is not altogether unresponsive, but there is no immediate response even for corporate email issues. You have to put in a ticket and wait. The inability to talk to a person in an emergency is a real drawback.