What is Shadow IT?

What is Shadow IT?

Shadow IT is an IT solution used inside an organization without corporate approval – Central IT does not know about it. Shadow IT is common practice inside business units that need to move fast to respond to the market. Business units are often frustrated by the speed and internal barriers of Central IT, so they work around them by building or leveraging third-party solutions. Shadow IT can be both good and bad. It can be seen as a source of innovation that can be replicated. Or, it can also be seen as outside the corporate requirements and standards.

Bob Gourley, CTO, Crucial Point. Shadow IT encompasses BYOD (and Wi-Fi), cloud, etc. when creating or managing environments. It is difficult for CIOs to enforce a no Shadow IT policy because human nature is to do whatever it takes to get the job done. Central IT must have smart, informed policy. It is always better to work with the business units and give them the tools that they need to get the job done. Working together keeps everyone within the corporate guidelines for auditing, security, etc. Killing non-authorized projects can be counterproductive to the mission.

Kim Stevenson, CIO, Intel. Business units make decisions based on their objectives and what is most efficient for them. If they are not choosing to work with Central IT, there is a reason for it. It is hard to fault Shadow IT because it is fulfilling a need that Central IT is not. Central IT must inspect the reasons why the business units are choosing to use Shadow IT. Central IT must ask itself, what is the best way to fulfil the need for the entire company, not just the specific business unit. It is company acceleration that Central IT is trying to accomplish.

Raymon Baez, CIO, HP. Companies have a lot of smart people. It is unrealistic that IT innovation will only come from Central IT. If the CIO says, “no Shadow IT,” the business units will stop talking to them and the company will miss out. Central IT should work to partner and co-innovate with the business units. If a solution will benefit the entire company, it should be rolled into Central IT for scalability, security, support, etc. When you perform Central IT well and collaborate with the business units, they do not want to perform IT. They want the function to sit where it belongs.

It is critical that Central IT understand what type of Shadow IT is being used in the business units. This includes BOYD and cloud services like AWS, Box, LinkedIn, etc. Central IT must understand the implications of each to the company. Is it compliant? It is secure? What information is being shared and stored outside of Central IT? Central IT must also understand why Shadow IT is happening. Is it not providing the services needed for people to do their jobs? How can it be provided to them? How can Central IT help users versus forcing them to go outside?

All contents copyright © 2014, Josh Lowry. All rights reserved.


Leave Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: