Turning ‘Shadow IT’ into ‘Running the Business’

    Slide Show

    Five Tips for Overcoming Shadow IT in the Enterprise

    The battle against shadow IT has been lost. Eventually, we’ll stop calling it shadow IT, too. The ability for employees and business units to procure devices and software outside the traditional IT channels in order to efficiently collaborate, communicate and get their jobs done is creating positive change for IT, too: Freeing up IT man hours for more mission-critical and growth-oriented projects and unearthing new ways for IT to operate as a strategic partner, starting with the CIO. That’s not to say the massive trend doesn’t also create more work and more complexity. Gartner forecasts that by 2017, half of employers will require workers to supply their own devices, and the business applications for all of the data created by the Internet of Things are just coming to light. But getting back to the more positive view, let’s look at how some CIOs and their staffs are using the motivations behind what we’ll call shadow IT for a little longer to enhance their positions as strategic business partners.

    Research Analyst Jamie Heyes writes on that CIOs need to make sure they are educating their IT staff about viewing some shadow IT as a sign of innovation from the business, rather than a threat. The options, he writes, ought to include knowing “when to encourage business-led technology experimentation, when to intervene, and when to stand back.”

    Heyes highlights one CIO who uses three methods to keep his IT staff focused on supporting positive “technology experiments”:

    Help IT employees understand what matters most to business partners: This is no more than simply framing the conversation around the capabilities needed to accomplish goals, rather than lists of technology details.

    Educate IT employees on the risk and reward of changing capabilities: This step involves categorizing capabilities or activities into four types (core but not diffentiating, analysis, etc.) and then relating that back to the question of whether to “shut it down.”

    Define when IT employees should get involved in business partner-led technology experimentation: Pulling together information about the categorized capabilities and the shadow IT projects that the business wants (or already has) creates a more concrete matrix of risk and reward that speaks to the IT department.

    Arthur Cole recently pointed out that management tools for large enterprise environments are adding components that will allow IT to maintain some level of awareness and monitoring, while users build their own sets of mobile, collaborative and other programs and tools. The aim is to mimic the user-friendly platforms that lure employees to outside offerings in the first place and cement the IT-business partnership.

    Adoption of these governance approaches will require, as usual, clear policies and user education to lure everyone into participating, especially in any organizations where an adversarial relationship between IT and users might have already bloomed. But it certainly can be done: A Blackstone Group survey of various technology habits among U.S. and Canadian employees found that, for example, though SaaS users reported they were 16 times more likely than other users to access work files through an application that IT doesn’t know they have, 67 percent said their IT departments are responsive and 46 percent said that IT provides a secure equivalent when an unauthorized app is discovered.

    Gartner Research VP David Cappuccio suggests that we change the term from shadow IT to business IT and consider implementing innovation labs where IT and business partners would come together to combine “IT experience and business innovation.” Since the lab idea isn’t elaborated upon, a CIO could presumably interpret that approach as anything from an open door policy for discussions and questions to a more structured process of evaluating risk/reward, like the one Heyes described.

    Either way, the shadow is fading. Rather than a loss of control, the change can be one that creates a different approach to control and uncover ways for IT to be seen as a more prominent enabler of the business as a whole.

    Latest Articles