The existence of ‘Shadow IT’ is apparent and well-established throughout most organisations, as enterprise IT tends to move at a slower pace than consumer technology. Any CIO is well aware that their workforce is living it – from their Dropbox account, to their Google Docs and smartphone.
The number of applications that an employee is self-selecting might take even the savviest of CIOs by surprise, but they should recognise that Shadow IT is well-established as part of the modern, hybrid-cloud enterprise. No more should companies feel ‘defeated’ by or try to combat Shadow IT, instead we are now at a point where the best way to handle it is to actually embrace it.
So what’s the best approach? IT leaders should pinpoint why employees are using specific services, to identify any employee pain points and better understand where investments can be made to boost productivity. Such improved processes will help organisations stand out in a highly competitive enterprise technology environment.
Transitioning from policing to governing
An extensive array of cloud applications is on offer for today’s tech-savvy consumer. With employees choosing to run the latest apps, this can bring with it various disruptions to business processes; from versioning issues, bandwidth control that makes systems slow, to security threats.
If there is no form of regulation set and the business finds themselves with a vast amount of applications running, in time they will certainly experience a rapid reduction in productivity – not to mention the loss of intellectual property.
Some CIOs may think they are on top of Shadow IT, but the reality of what is happening in their organisation may be quite different. As outlined in the "Cloud Adoption and Risk Report in North America and Europe – 2014 Trends" report:
– Enterprises vastly underestimate the extent to which Shadow IT cloud applications are used by their organisations. Eighty-six per cent of the cloud applications that employees admit to using are not sanctioned by IT
– One major U.S. enterprise estimated that 10 to 15 file-sharing applications were in use, but then discovered that number was almost 70
Actual usage of cloud services in a business dramatically outweighs a CIO’s estimate. Particularly considering the adoption of BYOD which opens doors for more employees to adopt cloud services on their own accord.
CIOs need to get a better handle on what is going on in their networks to ensure applications are able to perform at their peak. In the hybrid enterprise, where IT is run on a mix of secure on-premises systems and public cloud systems, it is vital the IT department equips itself for visibility, optimisation and control of its network.
Ensuring full network visibility
Giving up control of the applications and services used by employees to access IT systems and to manage or share sensitive business information presents its own risks. Not only does it undermine security efforts and violate compliances, but it can add redundant services causing inefficiencies with those applications already implemented and overseen by IT.
Clearly the lines have blurred between personal and work IT. To gain an advantage in the new digital world, it’s the job of the CIO to manage these complexities whilst finding ways to make their applications perform at their peak.
The CIO needs visibility, optimisation and control across hybrid clouds and networks. Only then will on-premises, cloud, and SaaS applications perform to the service-level agreements determined by the business. If the CIO is unaware of the dozens or even hundreds of unsanctioned cloud services and devices their employees own, then there’s very little chance of them achieving this.
There’s no denying the risks involved, however trying to regain control by outright banning the services outside of IT jurisdiction is not the right approach either.
Find your ‘Shadow IT’ allies
To ensure smooth, successful IT operations, CIOs must work with the business to solve the organisation’s most important problems. Shadow IT should highlight the areas in which IT is failing to meet employee requirements.
With a more progressive approach to catering for their needs, CIOs can implement regulations that support Shadow IT initiatives and help them to understand employees’ grievances in order to find the right solutions and services for the business and its requirements.
They should not be afraid to reach out to the IT vendors directly to understand the value proposition of officially implementing their services.
For example, Blackberry has long offered the ability to partition its smartphones to keep personal and work applications and information separate. Similarly, Apple and IBM have started rolling out made-for-business applications and supporting cloud services that incorporate IBM’s big data and analytics capabilities to iPhone and iPad users.
As the distinction between work and personal IT quickly evaporates, policies towards devices and software capabilities should reflect this in the workplace. It’s no surprise that employees should reject the notion of IT controlling personal devices, but they will generally accept control of corporate information of those devices.
By keeping the lines of communication open between employees and the IT department, CIOs can strengthen their network performance by gaining invaluable feedback and insight into the efficiency of their technology.