Why does shadow IT exist?
This new breed of IT has made effective management a critical factor.
Consequently, the cast iron grip of the rigid and sanitised world of the IT old guard is being be tested. Even the largest and most efficient IT departments struggle to keep pace with the innovation and technological adoption/change expected by the businesses of today.
In a fickle world of ever changing demands and directions; the latest and greatest idea has a shelf life measured in weeks. As a result, the formulation and use of shadow IT in business units to ensure rapid technological adoption and maximum ROI is inevitable.
“Shadow IT was born out of the need to deliver value faster to the business,” said Ajeet Singh, CEO at ThoughtSpot.
Furthermore, with Shadow IT being common place within all industries, governance needs to catch up and enforce standards for cloud platforms.
Shadow IT Stats
While there are many buzzwords in IT that aren’t really substantiated, here are some key supporting stats for this subject.
More than 80 per cent of employees use ‘non-approved’ SaaS apps. Source
Less than half are concerned that their use of unapproved software could lead to data loss. Source
By 2020, a third of successful attacks experienced by enterprises will be on their shadow IT resources. Source: Gartner
Rather than assigning blame to either the user or the IT department, these stats highlight that there is an underlying issue that needs addressing.
How to embrace Shadow IT
Throwing caution to the wind and embracing Shadow IT wholeheartedly without consideration, structure and governance can be likened to Hans Christian Andersen’s story – “The Emperor’s New Clothes” – just because everyone says it is great, are you unnecessarily exposing yourself?
Therefore, to stifle and inhibit the innovation from business units that utilise shadow IT is both undesirable and detrimental to the business as a whole and should be avoided where possible.
“Rather than trying to stop it, I’m going to look at it and say this represents hybrid IT,” he says. Source
Let’s say therefore that you’re ready to embrace the Shadow IT ethos and grasp the future with both hands – the question is how.
Here are 4 proven ways:
1. Bimodal IT
Firstly, the traditional model of an all-controlling centralised IT function is not only outdated; it is ineffective in today’s world of rapid change.
Transitioning to a Bimodal IT model can prove to be an effective compromise on flexibility and control.
“Bimodal is the practice of managing two separate but coherent styles of work: one focused on predictability; the other on exploration.” Source: Gartner
Second – update existing workflows or define new ones to take into account Shadow IT. An open forum with clear accountabilities, defined limits and open workflows will provide unity and flexibility.
These processes will give users a better idea of what is expected of them, and the steps they can take to achieve their business objectives.
3. Support Services
Not to be forgotten, it is absolutely essential that Shadow IT services are supported and fully integrated into the support structure and service. Custom service offerings with tiered levels support reduces the “them and us” perception and assist with integration/adoption.
4. Formalise Shadow IT
Lastly, to formalise Shadow IT by:
- Publishing lists of approved vendors, apps/tools and devices
- Establishing formal business relationships with vendors/suppliers to deliver tried and tested development/infrastructure patterns
- Establish an inventory
- Where available use internal functions to audit and evaluate risks with Shadow IT products and services – such as Microsoft’s Enterprise Mobility Suite.
Summary: next steps
The view towards Shadow IT has to be considered against the priorities of an organisation.
Our top 4 tips are:
- Bimodal IT
- Support Services
- Formalise Shadow IT
In addition; engage, encourage cooperation and merge/initiate practices that will exploit Shadow IT as an effective mechanism for value delivery.
Like all products in their infancy, the addition of structured but flexible guidelines with defined accountability and clear limits will go a long way to mitigate the numerous risks of Shadow IT and ensure that the perceived value is not overshadowed by the inherent risks of Shadow IT.
Let us know your thoughts on Shadow IT below. Should you wish to learn more, download this guide on choosing your IT Partner ⇓
Written by Ray Tang | Governance, RedPixie | See his LinkedIn Profile