Fog Creek Software
Discussion Board

...another reason not to load access on user wkstn

Friday at work we get a call from a user that was working with access.  They were implementing a check box on a form.  It was a checkbox didn't link to anything in a table anywhere.  So it was useful if you printed out the form.

I am taking a database class this semester and was talking with the instructor.  He spoke of a large HMO that has decided to stop deploying access as part of the standard corporate build as it seems an audit turned up about 1200 databases the IT department wasn't managing or didn't even know about.  They are working on mandating centralization anyway they can.  I can sympathize with them when I see the kind of crap people that "think" they know access do.

I think software needs user requirements in addition to system requirements.

A requirement for access could be:
*must be able to understand and implement all forms of normalization

Crusty Admin
Sunday, February 09, 2003

Crusty Admin -- Were you Crusty Admin during the mid-80's when a PC on a person's desk freed them from their dependence on department mainframes the long IT dept. wait list just to get a simple report?

Yes, there are databases that need to be implemented on a department-wide level.  And there are power users who strike off on their own and get in over their heads with Access.

But it seems to me like the empowerment PC's and programs like Access and Excel off to individual users has in general been a good thing. 

It looks like the circle is turning full-round now with servers starting to regain paramount importance.  But if I were a user I don't think I'd like it. 

Access and Excel give computer-savvy users the ability to do a lot on their own, yes, even when they don't quite know what they're doing.  It's not a perfect situation, but it's far better than having users being completely dependent on an IT department.

Herbert Sitz
Sunday, February 09, 2003

Ah, yes.  And these IT nazis are the sort of guys who are amazed when, in a "cost-cutting" move, their department is shut down and all the work out-sourced overseas.

Contrary Mary
Sunday, February 09, 2003

Right on, power to the people I say!

Management is the issue here, not the installation of a useful tool on peoples desktops.

System admin cannot be the tail that wags the dog.

Sunday, February 09, 2003

Actually, in the case cited in the original post (at an HMO) there are government regulations & procedures that have to be followed for computer systems that deal with patent information. How many end-users know of these resulations and insure that their little application meets the requirements. This could cost the HMO a lot of money in fines and CMP's (Civil Monetary Penalties).

Sunday, February 09, 2003

"Crusty Admin -- Were you Crusty Admin during the mid-80's when a PC on a person's desk freed them from their dependence on department mainframes the long IT dept. wait list just to get a simple report?"

No I didn't get involved until mid 90's

"Ah, yes. And these IT nazis are the sort of guys who are amazed when, in a "cost-cutting" move, their department is shut down and all the work out-sourced overseas."

Developement might move over seas, admin typically needs to be done on site to a greater degree.

"Right on, power to the people I say!"

Good thinking, most people don't have a clue.  "Hey, I've got a great idea, lets let the patients perform surgery on themselves.  Who better to know their needs then they."

"System admin cannot be the tail that wags the dog."

True.  The job is to implement the computer functionality required by the company.  The end user may not like everything we do, but then they are getting paid to be here and do a job.  If they want to play with their PC, they can do it at home.

"This could cost the HMO a lot of money in fines and CMP's (Civil Monetary Penalties)."

Finally someone sees my point.  A companies data is its most precious asset after workers.  Maybe it is ahead of workers.  Pay enough and you can always hire more bodies, you can't undo stolen, missing, misused data. 

By central control, I meant that a company must know where its data is at all times and must have policies on who accesses it, who they can share it with etc.  Do you think even one of these 1200 users with access databases performed regular backups?  If they did, it was probably done on a floppy stuck to the side of the pc's case with a magnet.

Crusty Admin
Sunday, February 09, 2003

"Developement might move over seas, admin typically needs to be done on site to a greater degree."

One citrix server in Bangalore, buddy, and you're out the door.

Monday, February 10, 2003

The issue of personal computers and data is a big one.

There does seem to be a pulling back, and a re-assertion of the data center.

If a company is going to kill ms-access, then they really have to kill Excel.

If they kill Excel, then they will have to kill Word.

It is interesting that Excel was designed for what-if and doing calculations. It turns out that the top use of Excel is in fact managing lists. Those lists are stuff like Employees baseball team. A bug list.  A to do list. Lists of suppliers. Job costing.

I would guess that Excel is on the order of 10 times that of ms-access being used for database stuff.

So, if they kill ms-access, then Excel will be used even more. It is strange that ms-access is being target when Excel is by far and away the most popular “list” manager, or database manger in a company.

For sure it does seem that companies are now starting to look at what is being saved on each pc. You can well imagine the junk on the hundreds of pc's.

Gee, what about all those word docs on each pc? Do they have to go also?

Gee, will this become a worker right issue?

If that company is only addressing ms-access databases, you have to ask what will be accomplished here, as it would seem that Excel is the real bad guy.

Albert D. Kallal
Edmonton, Alberta Canada

Albert D. Kallal
Monday, February 10, 2003


During the '80s I used to regularly get offered bribes by the sales guys if I'd design certain reports for them. Certain /special/ reports. Reports  about customers and sales prospects. Especially when they were leaving for a competitor.

I'd have paid off my mortgage in six months and had cash left over for a new m/cycle if I'd been less honest.

If they'd had Access, they'd have done it themselves, which would have seriously undermined the business I was working for which (funnily enough), my loyalty to turned out to be completely misplaced.

Thats the way the money goes
Monday, February 10, 2003

The assumption that controlling access to the database servers is the safest way to control access to information is wrong. If the user wants the data, and it is in a central location, they will get it.

If it is all decentralised, then whoever wants the data needs to first know where to get the data, and then get it. A lot of the access databases are stored on the local PC, which requires (in most cases) being physically at the machine in order to access it.

Albert has a point. Most users have conceptual difficulties with RDBMS. They invariably use Excel for mainting most of their data. You get rid of Access on the grounds argued above, then get rid of Excel.... and so forth.

If you do not trust your staff, do not employ them. True, some data is sensetive, and needs to be kept confidential, but to not trust the  users with data they need in order to properly do their jobs is a bit silly!

There are a few databases in the place I work. It is not my job, but I have seriously considered replacing one of the big contacts/CRM databases currently on access with a web solution. There are many good reasons for doing this, including being able to access from anywhere (we have a few home workers who currently email in their changes/requests to the admin staff).

I even went on as far as to spec the system, and build a proof-of-concept demo (which went rather well). The only reason I have not implemented it is that I would then be the central point of failure. At the moment, when new fields/reports are required, the users just go in and do it themselves. Like I said, this is not my job, I just happen to know the most about databases in my department.

Now, the database is monstrous, and not normalised, and I cringe every time I look at it. The thing though, is that it works, and so while I could be snobbish and produce some beautiful, normalised, optimised database controlled by me only, the truth is the users would be less productive. At some point in the future it might make sense to 'refactor' the database, but as I said, right now, it is better to leave it as it is.

Monday, February 10, 2003

"One citrix server in Bangalore, buddy, and you're out the door. "

Can you outsource networking staff to India "Here, plug in this cable remotely."  No comany will move all their IT jobs over seas.  I am smart enough and necessary enough to be on of the ones kept.

Crusty Admin
Monday, February 10, 2003

As an analyst, one of my catchphrases is "if there's an Excel spreadsheet for this, it should probably be an application."

Not an enterprise "twelve months to design, four years and three contracting agencies to implement" application necessarily, but probably a centralized client-server app.

Not to take power away from the user, but to allow the user to do the work they were hired to do. Nurses weren't hired to run Access databases, they were hired to assist doctors in healthcare. And if one nurse has a "patient wakeup log" app, you can bet at least one nurse on each floor has built the same thing, and redundancy costs money. Get a junior dev, make him/her talk to the nurses, and put a simple three-table/asp web app in place that everyone can use, uses appropriate security, and will survive the departure of the "keeper of the mdb"

And that junior dev probably costs less than the time the nurses were spending on their Access apps.

[The *problem* is that once he's hired, management will then probably make that junior dev a senior dev over the weekend and put him in charge of five other emergent management projects]


Philip Janus
Monday, February 10, 2003

Crusty Adimin,
                        Your job security plan has one drawback; if you are in a company which actually needs to do things your policies will make it go bust.

                          Users need to do things; if they are devising little programs to do this themselves it is because the central database doesn't do it. And the truth is that  it can't possibly be expected to. Your 1200 databases mean anything from five hundred to a few thousand full blown features that are needed. Do you seriously think that that is cost effective?

                        What you should be doing is presuming that the users are going to import the data into Office, and make it as easy as you can to do so, whilst stopping them having any access at all to data you are afraid of losing. Have you thought out the effect on productivity and  morale of staff having to print out reports, or make screen shots and print those out, and then enter all the data in again manually just because you have an overweening idea of your and your department's importance.

                      Most companies are lucky if the data they have is any use to them, let alone anybody else!

Stephen Jones
Monday, February 10, 2003

Making a note never to hire Crusty....

Monday, February 10, 2003

I remember an early job at a city council.  It was very boring admin, and one of my jobs was to cost up lists of useage, such as photocopier or phone usage.  I had to go over pages of numbers adding them with a calculater.

I had an ancient version of Lotus 123 on my little x86 that I used to print off the departments emails for them to read.  I started to enter my lists onto the spreadsheet for greater accuracy.

I was told that I was not allowed to produce spreadsheets - that was the IT Departments job.  I could put a request in for the spreadsheet I wanted, but they had an 8 months waiting list.

I had to leave.

Ged Byrne
Monday, February 10, 2003

Stephen, I am not the one with 1200 access data bases.  I was the HMO I was referring too.

You miss my point.  You seem to be dead against centralized IT.  The point is users can't be trusted to manage data because they don't know how.  Our job is to find out what their needs are and develop a system that meets those needs.  Some of you think I am a power hungry technology czar, I'm not.  I am just realistic about the capabilities of users and the danger of them doing for themselves. 

At any company if they are doing much for themselves it is because IT is not meeting their needs.  IT needs to get together with the users and figure out what the users needs.  Things change over time an a system that meets needs today may not tomorrow.

As to not hiring me, I am more likely to be in a position to hire you than you me.

Crusty Admin
Monday, February 10, 2003

>>>>>>>>>>You miss my point.  You seem to be dead against centralized IT. >>>>>>>>>

I'm not in the least against centralized IT; I'm just against EVERYTHNG being centralized. Just look at the way the centralized economy of Communist Russia collapsed.

>>>>>>>The point is users can't be trusted to manage data because they don't know how.  Our job is to find out what their needs are and develop a system that meets those needs.<<<<<<<<<

I know this is your point, and its wrong! Users know very well what they want to do with their data; it's just that IT departments are not very good at finding out what their needs are.

Data STORAGE needs to be done centrally, WHERE POSSIBLE. However, to try and stop the users from doing what they know they need to with their data is plain arrogant, as well as financially disastrous.

Their Access databases aren't normalized? Do you think the data would be more "normalized" scribbled on the back of an envelope, which is the alternative, sonce I presume Notepad is considered too hi-tech to trust the users with.

Stephen Jones
Monday, February 10, 2003

One more thing.... How many of the 1200 databases are still actively used/maintained.

A lot of the time, users will build something that does a once off job, (maintain registrations for event) and either forget to delete the database after the job is done, or keep it just in case.

It takes the user a couple of hours to build a simple database, autoforms, and autoreports. Very little overhead. How much would it cost to get the user to spec their requirements, explain them to IT, who then build the monster test it, and depoloy it for a 3day event.

Someone said something about nurses being employed to treat, and not maintain databases. True, but one aspect of treating is keeping a record of a patients progress, or favourite meal or whatever it is they might keep in their database.

If they can do it, let them do it, and while you might say that it leads to duplication of effort, talk to the staff, and you will find sufficient differences in the applications and the way they maintain their data to not warrant a mother of all databases.

If you want to see XP in action, watch relative newbies working on access. They kinda create new fields/features as they go along. Try building an IT infrastructure to replace such flexibility, and you will have found the holy grail of computing.

Monday, February 10, 2003

Stephen, someone already pointed it out, I'll do it again:
There is a special case with HMO's - the HIPAA regulations levy stiff CRIMINAL penalties against the directors of an organization that does not observe the privacy requirements of the law.

So Crusty is in a unique place, though those types of requirements exist in other businesses, too.


Philip Janus
Monday, February 10, 2003

Philip, I too will repeat what I said earlier.

1. Workers should understand the privacy policies and consequences of breach, whether or not they have access to electronic copies of anything. I remember in my first days at McKinsey, one of the first things they told us was client confidentiality was #1. You talked about working on a procument study for a large financial services company. That was detail enough even within the company, to get the work done.

2. Centralising data storage does not necessarily make it more secure. In fact you are actually providing one point of breach/failure. I remember reading somewhere that the inability of DoD/Pentagon/CIA computers to talk to each other has provided a more secure environment. You can't break into one and move within the system (you get the gist?)

3. The kind of data stored in these ad hoc databases is unlikely to be of interest to anyone not in the creator immediate workspace (just personal experience). Pick your battles. It really won't be in you interests to have every user call you to change the font on report 43431-6543, which is used once a year to print the invites for his teams xmas lunch!

4. Trust your staff. The advent of photocopiers raised similar concerns about staff suddenly being able to walk out with copies of your most valuable secrets... nothing is new here. You would not advocate for the abolition of all departmental photocopiers, replaced by one ubermachine in the printroom that requires paperwork in triplicate per copy??

Like some said. It all the same story, just the voices that change.

Monday, February 10, 2003

I worked on the Y2K project for a major US bank (top 20) and discovered that they had literally hundreds of Access applications used everywhere from HR to Sales to Finance.  Everyone of these databases had to be checked for Y2K compliance or retired, according to company policy.

What I found was that there were many poorly designed, redundant, unsecured databases created by individual business units.  We retired what we could, rewrote what we had to and audited the rest.  What a mess.

The point is, the company did not have good control of its data and business users didn't want to give up their business data and be at the mercy of IT.  I think that to move local databases to a centra IT department, the IT department has to prove that they can provide service and reliability to the business unit.  After all, why would you wait two weeks for a change to an application whihc you could do in two minutes in Access or Excel?

Eric Budd
Monday, February 10, 2003

If someone starts off a post with "I'll repeat what I said earlier", does that mean we don't have to read it again?  (How about "I'll rephrase what I said earlier so it makes more sense" instead?)

Lots of good points here, but what comes out is that having more development done by IT, and keeping Access off every user's desktop, are two entirely different things.  It makes sense to gradually push for more databases to be done by IT, particularly if they're multiuser, in bad shape or destined to end up that way, and have important business data (not the company softball roster).  It _doesn't_ make sense to try to force this by removing access to Access, because the users will find something to replace it, from Excel to Word to Notepad to Post-It Notes.  (Interestingly, in the bank I used to work in, we all had Access, but we weren't allowed to spend department money on Post-It Notes.)

The way to effect a change from user sloppiness in Access to brilliant design by IT in Access is by carefully picking projects, being very attentive to users (meeting personally, promptly returning phone calls and e-mails even if there's nothing new to report), and then showing off the end results, such that people will _want_ to have IT do their databases.  It also means having both time and a budget to hire more people if necessary, because as soon as IT starts turning away projects because they're too busy, people will go right back to their own desktop stuff.

Monday, February 10, 2003

The real problem is not the scads of individual Access databases, Excel spreadsheets and personal favourite Word templates that live in departments like kipple under beds.

The real problem is that no one responded to the need for the database and application in the first place.  Or if they did respond then they were told that it 'had to fit into the organisation's development plan (called Project Boil the Ocean and Drink the Beer), and that the requirement was misstated and you really don't understand what you want.

And then having gone ahead and done their own  little application that was untidy, inefficient, amateurish but it did the job;  they get told the database can't go on the server because it hasn't been vetted and it might mess up the server in some unspecified but evil way.

So, its all very well (and this is not pointing a finger at 'Crusty', nice shoes by the way), to pontificate about the nasty messy users and their dirty habits but if you leave people to fend for themselves, that by and large is what they do.

One of the answers for this is to decentralise the interface of IT, or ICT or whatever acronym is fashionable, let someone local to the department both immerse themselves in the knowledge domain and become the interface to the IT bureaucracy.  Let them mediate and mentor in both  directions and listen to them.

IT departments have to understand that they exist to allow the real business to take place and that without them that business will still exist, they are oil and grease not the cogs.

Simon Lucy
Tuesday, February 11, 2003

I wonder how many of that 1200 were copies of Northwind.

Contrary Mary
Tuesday, February 11, 2003

The IT department has an image problem.  They also have a problem respecting users' needs, which the users pick up on, which affects the image problem.

The very use of the word "admin" is at the root of the image problem.  "Admin" conjures up images of resistance to change.  It's primarily about maintaining and defending the status quo, not about questioning it.  Someone desperately needs to question the status quo in that organization.  I'm not going to touch the word "crusty"... but what is said in jest is often a good indicator of the reality.

In any business, there is a continuum of information formality needs, from the centralized data warehouse with metadata, to the Excel spreadsheets, to the post-it notes.  Even those 1200 Access databases fall in different parts of the continuum, depending on their purpose.  Some probably rightly belong in a centralized location, some are probably one-off merges of spreadsheets, and some may be appropriate-for-the-task small apps.  To lump all 1200 "databases" into the same forbidden category is ridiculous.  It's like banning paper because someone used it for origami or printing out job applications.

How did IT get into this mess with 1200 databases they "didn't even know about?"  By not adequately marketing their services and actively seeking out what they could be doing to help the users get their jobs done.

Shutting down users' main way of compensating for IT's lack of cooperativeness is NOT the way to regain their trust, and regaining their trust is the first step to getting those databases to go away.  The next step is to actively seek to understand what needs aren't being adequately filled by IT (each one of those databases should contain some leads, no matter how poorly articulated), and then find a way to persuade the users that IT would like to make it better, and that you truly have their best interests at heart.  This means committing to a lot more work than you're used to, from simply educating users on how to use the existing system, to rewriting and integrating pieces of their apps into the existing system.  It also means you're going to have to hide all traces of your feelings that they are "stupid users" if you're to gain the level of trust necessary to get accurate, useful requirements out of them.

Taking away users' tools without offering something of equal or greater value in return is only going to make your job harder in the long run, even if it seems to offer short-term relief.  You can't afford to burn your bridges here, no matter how tempting it might be.

Tuesday, February 11, 2003


You said that very well. I'm reminded of one place I used to work. I described the IT department this way:

"Always remember that they're doing you a favor by letting you use *their* network."

Many IT organizations have this attitude. It's no wonder users want to get out from under.

Chris Tavares
Tuesday, February 11, 2003

Our company is not like that.  The users are our customers, unfortunately due to laws we can't always package the services as the customers would like.  Access versus centralized database etc.

Crusty Admin
Tuesday, February 11, 2003

*  Recent Topics

*  Fog Creek Home