Three reasons why most IT projects fail (to meet expectations.)

There are hundreds of factors that can affect the outcome of any IT project. After years of managing all types of projects I have come to the conclusion that failure is often due to a lack of balance between three competing forces.

• How fast you try to finish the project.
• How frugal (or cheap) you are being.
• How much you want the system to do.

There are many variations on the three legged stool analogy but they all state that you cannot have all three “legs.” I don’t agree. In fact, this type of thinking is dangerous. It only deals in extremes.

With so many things to go wrong, it is hard to get it right.

Although it is true you cannot build a highly complex system in days for a dime, you can build a system that has reasonable functionality in a reasonable time on a reasonable budget. The minute you move one of those factors closer to the extreme, the more likely you are to have a failed project.

So what is reasonable?

Reasonable is subjective and changes with each project. There is no magic formula to figure out what is reasonable. Each project does tend to have one “set in stone” factor.

• If I need to replace my routers because they are old, and I don’t need any new functionality, then I know for sure what my functional requirements are. Now I only have to find a reasonable timeline and budget.
• If I need to replace a CRM system with something new and unknown, I can set an upper and lower budget for the project and then keep the timeline and functional requirements within that budget.
• If a product, like Windows XP, is being retired and must be replaced, I have a firm timeline. I only need to find the right balance between cost and functionality.

In most cases you only have to balance two factors, not all three.

Finding balance

This is not a joke: If everyone is a little unhappy, you have probably done well. Balance is about finding the middle ground which means someone will be disappointed. The budget conscious will feel like it was slightly more expensive than they wanted. The time conscious will feel it took too long. The rest will feel like some “nice to have” features are missing. Although this sounds bad, it is really project nirvana.

If one group is really happy, you focused too much on them. You gave them too much which throws the project out of balance. You have all the killer features but blew the budget or timeline.

Balancing a moving target

The most complicated projects I have worked on are software implementations like CRM or ERP. They always have an incomplete list of functional requirements. They always have a budget and timeline based on estimates from a vendor with an unclear understanding of the unclear requirements. The entire project is based on nothing but guesses which is why they often fail to meet expectations. The requirements always grow, the budget always grows, and the timeline always grows yet both the vendor and customer blame each other for the overage.

For projects like this, you must have (or be) a project manager that keeps all three factors in everyone’s mind at all times. You can’t add features without adding time and budget. You can’t set a deadline in stone unless you also freeze your requirements.

Who owns the leg

Just to make things more difficult, each leg of the stool, or factor, is generally managed by different groups. A senior manager or executive may be in charge of the budget while the IT team might be in charge of the timeline while some department head may be in charge of the functional requirements. They each look almost exclusively at their leg of the stool and say “My leg is the wrong length, fix it!” They don’t always care about the other legs and that means you have to balance requirements by getting three or more groups to understand each other’s needs. The project manager may need a degree in counseling to get some groups to work well with each other. If you can’t get all the groups to work together, the project will almost certainly fail to meet expectations.

Think balance, every day

You have to start a project in a balanced state. You have to consider how every decision you make affects the balance of the project. You have to communicate how each decision affects the project balance. If you end with a reasonable balance between cost, timeline, and functionality you hit a very small moving target. It feels like nothing less than a miracle.

Is Active Directory still relevant?

Windows 2000 started Microsoft’s Golden Age. With Active Directory and Group Policy you could control the settings on every PC and server on your network from a single screen.  If you need to tell every computer where to download Window’s Updates you checked a box. If you needed to turn off a Windows feature you checked a box. As long as every PC in your domain was a Windows PC, management was a breeze.

BYOD forced diversity into the network

Fast forward to 2007. Two things changed IT forever:

1. Microsoft introduced Windows Vista
2. Apple introduced the iPhone

Within a few years, IT departments lost control of devices selection and PC sales started declining for the first time ever.

When a CEO walks into the IT department with an iOS or Android device and says “Make it work,” you make it work. The vast majority of tablets sold today run iOS or Android which fall outside the control of Active Directory. It is reasonable to assume device diversity will continue to expand when you consider that Chromebooks now account for 20% of “PCs” sold to educational institutions and Android Laptops have been announced.

You still have to control mobile devices

If you connect a mobile device to your corporate network, regardless of what it is, you should have some control over it. For example, most phones can send and receive corporate email. Email is protected by a password on PCs but not necessarily on a phone. Companies should enforce a password policy on any device that can send or receive company email.

This requires Mobile Device Management (MDM) software. Even if the MDM solution integrates into Active Directory, this is another layer of compelxity for the IT department to manage.  It is one more thing to fix,  configure, and require policies, oversight, auditing, disaster recovery, etc.

Can MDM replace Active Directory?

Some MDM systems work on Windows laptops as well as phones and tablets. If it can be installed on a laptop, it can be installed on a desktop. What if we pushed policies to computers using MDM instead of Active Directory (AD)?

To be honest, I don’t think MDM technology is able to replace AD …. yet … but it may not be long before it can. This has caused me to be very cautious about selecting products that require AD.

It is hard to imagine a world without some form of centralized user account database like AD but with cloud services the use of AD may become problematic.

The effect of the cloud on AD

Assuming you can handle the complexity of migration, you can integrate your existing AD infrastructure into Office 365. You can also sync AD with Google Apps via Directory Sync. Most other cloud applications have their own user account database which does not sync with AD.

This creates another problem. As we choose cloud applications we have to decide if we want Single Sign On (SSO) via AD integration or to force end users to have multiple user account and passwords. Users will have a hard time remembering all their accounts and IT will have to go to multiple sites to manage accounts. Neither solution is ideal.

Microsoft is building a MDM solution

Microsoft is building an MDM solution that is integrated into Active Directory and will manage iOS and Android devices. In many ways that sounds like the perfect solution and it may be. Microsoft frustrated me in the early days of the cloud by creating products that only worked on Windows or Internet Explorer. I understand they were trying to protect Windows and Office but it put them years in cloud and mobile development.

Microsoft’s early lack of vision in the cloud and mobile market makes me caution about using their products on non-Microsoft devices. I can envision a world where their MDM solution is great on Windows Phone but lacks features for Android and iOS. I am worried about being tied to a vendor that could easily use one product to try to force me to use another. Conversely, management of the network would be much less cumbersome if I can use one console for MDM and User Management.

One system to manage them all

At this time, I don’t see any alternative to using MDM to manage mobile devices and AD to manage users.

If Microsoft makes it easy and cost effective to manage mobile devices and users with AD they may be the best user management platform moving forward.

On the other hand, if their management tools and interfaces continue to be Windows-centric, their relevance is going to continue to decline to the point where third party management solutions will be a better choice.

It is hard for me to imagine a world without Active Directory but if Microsoft doesn’t adapt all of it’s products to work well with other products I can see a time in the next 5-10 years where Active Directory will be considered legacy technology.