31 March 2014 Posted by Andrew Bohling
These days, when someone mentions the phrase “shadow IT,” they tend to strike fear in the hearts of IT organizations.
Shadow IT consists of any IT management or procurement process performed outside the control and without the oversight of the IT organization. Because of their inability to manage these processes, shadow IT has taken on some fairly negative connotations within IT organizations. Despite this attitude, business units often have important reasons for procuring and managing their own IT services, including time-sensitive needs and a lack of available solutions.
The pervasive nature of shadow IT is largely influenced by the widespread availability of cloud computing services. Cloud computing has effectively broken an age-old paradigm of request-and-wait IT service models. Business users now have on-demand access to the services they need and can bypass IT altogether during procurement. The prevalence of software-as-a-service applications within business units – such as Office 365, storage services, and file-sharing services – has made users accustomed to getting what they need, when they need it. Furthermore, business users sometimes understand their own needs better than IT, and IT organizations don’t always supply the right services fast enough.
To their credit, IT organizations have important considerations in mind when they choose services, ones their users might not share or know about. They must consider things like sustainability and security, as well as service level agreements. They must also ensure compatibility with their existing services to avoid vendor lock-in and the creation of data silos. Finally, they must consider service availability and reliability, and make plans for disaster recovery. When business units go around IT and choose unapproved services, they can introduce any number of risks to the company.
There is an obvious disconnect in the way IT organizations and their business users communicate and collaborate. Business units are actively trying to bypass IT organizations just to get the content and services they need. This has led to unchecked spending, application and data sprawl, and a general sense of disorder as IT organizations attempt to sort and connect the pieces.
Shadow IT has put IT organizations on defensive footing, but it doesn’t need to be this way. With the right approach, IT organizations can find ways to harness the efforts and insights of business users and transform shadow IT into a manageable resource.
Table of Contents
Understanding the Problem
IT leaders must understand some important context when they plan their approach to shadow IT. First, they must realize that the majority of business units are already circumventing IT to get the services they need. Next, they should understand that their current estimate of shadow IT is likely inaccurate. Some IT organizations are discovering 5-10 times more hidden applications than they anticipate. Finally, they must realize that, in comparison with today’s most agile procurement methods, many of their processes are far slower than business users expect.
IT organizations need more agile methods for delivering and managing cloud services; but more importantly, they need to pursue more collaborative efforts with their business users. At the same time, business users must understand that the steps IT takes – integration, compliance, monitoring, governance – are important for ensuring service continuity and business sustainability.
If a fundamental problem exists, it isn’t the proliferation of shadow IT; it is the tension between business users’ desire for on-demand access to the right services and IT organizations’ desire to make services secure, available, compatible, and sustainable.
Out of the Darkness
Some organizations are approaching shadow IT as an uphill battle against their business users. But with the right approach, this conflict can be avoided altogether. IT organizations need a new approach, one more aligned with the needs of the business. They also need to place a higher value on cooperation, collaboration, and supporting the needs of the company as a whole. Ultimately, the right approach should help IT organizations play a more central and respected role within their company.
To lead the way to better IT service, IT leaders must consider some important albeit difficult questions:
- Is taking a rigid stance against shadow IT really going to empower our business users, or is it just creating more animosity?
- Are there better ways to enforce how our business users procure and use cloud services?
- Do our IT efforts really focus on supporting and driving business performance?
Luckily, there are some easy ways for IT organizations to approach new, more constructive solutions.
Education is a great first step. First, IT personnel should be educated about the needs of the business. Users need confidence that the IT organization has their best interests in mind when they procure services. Likewise, business units should be educated about the risks of shadow IT and the challenges IT organizations face in managing rogue applications. If business users can understand their pain, they may think twice about procuring unapproved services.
Next, IT organizations should incorporate application-aware devices and software into their infrastructure to discover and map otherwise hidden applications and services. Once they’ve mapped their shadow IT, they can incorporate policies to get these applications into a more manageable state. The primary focus here is to manage risk rather than take back control.
While these steps can help IT organizations grasp their existing shadow IT, they also need solutions for the future. To get an edge, IT leaders will want to pursue several initiatives within their organization:
- First, they should consider moving IT to a service broker model, where they help select the right cloud services for their business units.
- Next, they should consider implementing a centralized gateway for business units to access approved IT services, such as a service catalog.
- Finally, they should explore making better use of cloud services such as IaaS or PaaS to free up time to build or broker new services.
IT organizations must understand that shadow IT is a symptom of business need, not malpractice or ill intent. Moving forward, they should focus on supporting these needs. At the same time, business users must understand that the extra steps IT takes to approve their services will help the company in the long run. By formulating a collaborative approach to service procurement, business users can access more of the services they need when they need them, while IT can rest easy knowing their activities are in line with the organization’s best practices and the company’s overarching goals.
]]>
Recent blog posts
- Compliance Drives Buying Decisions in the Cloud
- Changing Competitive Dynamics for IaaS Providers
- Good News for Cloud Job Seekers in 2015
- Colocation: The New Center of Hybrid IT
- The Problem with Forced Cloud Reboots
- OnApp Federation Grows Stronger with SolusVM Acquisition
- HP to Acquire Eucalyptus: Questions, Comments and Concerns
- Is It Really ‘Game Over’ for Most IaaS Providers?
- The Big Cloud Winners Are…Not Just the Hyperscale Players
- Cloud Federation: Dream or Reality?