Flip that "entire freaking life" comment around, and ask yourself whether the current IT schemes and the current common IT approaches are working as well as might be desired.
Whether the current IT plans have survived contact with the end-users.
If IT assumptions and approaches and plans aren't working and if errors are repeating, then IT is left to continue to spend on and work on More Of The Same and on Just Try Harder solutions, or IT can look at different approaches and different solutions. At performing some Root Cause Analysis, or whatever that might be called, and at shifting strategies and tactics.
Computer hardware and software vendors have the same issues, too. Sooner or later, the "blaming the users" for a repeating failure modes isn't going to be a viable product strategy, and somebody (else) then ends up owning the problems and the costs, or your product ends up cast aside.
Look to ways the most serious of these repeating problems can be eliminated.
Backups? IT has to expect some users won't do backups. Something akin to Apple Time Capsule with Mac OS X Time Machine is an absolute killer feature for home users. Your data ends up archived with minimal end-user involvement.
Passwords? How long will we repeat the IT password mantras? IT has to expect some users will continue to pick passwords. So what to do about that?
With a large enough breach or a large enough data loss, IT can be forced start deploying its own CA chains and certificates, and moving to tokens or analogous. Or backups. Or whatever. Why not start ahead of that breach?
As for alternatives and depending on your local user requirements, look to add and to migrate to embedded and tablet devices and automatic backups; trump the problems where you can. At certificate chains and VPNs. At automated backups.
Look for, but don't repeat mistakes.
...Don't expect existing mistakes to fix themselves.
...Don't assume that longstanding approaches and solutions are still the best available solutions.
...And don't plan that end-users will grok IT. They know and think about cancer research, or whatever their job is. Not about IT.
Whether the current IT plans have survived contact with the end-users.
If IT assumptions and approaches and plans aren't working and if errors are repeating, then IT is left to continue to spend on and work on More Of The Same and on Just Try Harder solutions, or IT can look at different approaches and different solutions. At performing some Root Cause Analysis, or whatever that might be called, and at shifting strategies and tactics.
Computer hardware and software vendors have the same issues, too. Sooner or later, the "blaming the users" for a repeating failure modes isn't going to be a viable product strategy, and somebody (else) then ends up owning the problems and the costs, or your product ends up cast aside.
Look to ways the most serious of these repeating problems can be eliminated.
Backups? IT has to expect some users won't do backups. Something akin to Apple Time Capsule with Mac OS X Time Machine is an absolute killer feature for home users. Your data ends up archived with minimal end-user involvement.
Passwords? How long will we repeat the IT password mantras? IT has to expect some users will continue to pick passwords. So what to do about that?
With a large enough breach or a large enough data loss, IT can be forced start deploying its own CA chains and certificates, and moving to tokens or analogous. Or backups. Or whatever. Why not start ahead of that breach?
As for alternatives and depending on your local user requirements, look to add and to migrate to embedded and tablet devices and automatic backups; trump the problems where you can. At certificate chains and VPNs. At automated backups.
Look for, but don't repeat mistakes.
...Don't expect existing mistakes to fix themselves.
...Don't assume that longstanding approaches and solutions are still the best available solutions.
...And don't plan that end-users will grok IT. They know and think about cancer research, or whatever their job is. Not about IT.