By Wimpie van Rensburg, Country Manager Sub Saharan Africa, Riverbed Technology
The term ‘Shadow IT’ is now a well-established phenomenon in the enterprise. Consumer tech can move faster than enterprise tech, so the adoption of new applications outside of IT jurisdiction in the workplace cannot and should not be blocked. A good CIO knows that anyone in business is living it with their Dropbox account, Google Docs and iPhone.
The number of self-selecting applications employees are using might surprise even the savviest of CIOs, but they should understand that Shadow IT is part of the modern, hybrid-cloud enterprise. It’s no longer a case of being ‘defeated’ by Shadow IT and trying to fight it because we’ve reached a point where the best way to handle it is to embrace it.
Making the move from policing to governing
With employees self-selecting an extensive library of cloud applications, business process disruptions may occur, such as versioning issues, bandwidth control (which can lead to systems running slowly) and security threats. By having too many applications running without any regulation, businesses are likely to experience these issues and see lower productivity rates and system downtime become a regular occurrence. Not to mention the loss of intellectual property.
While CIOs may think they are on top of Shadow IT, the reality of what is happening in their organisation may be quite different. It’s not uncommon for the number of cloud services in use in a business is dramatically higher than what’s estimated.
Especially when you take into consideration the way BYOD is flourishing in the workplace, which opens doors to more employees to adopt cloud services on their own accord. But banning Shadow IT applications and practices is not the answer.
Instead, CIOs need to get a better handle on what is going on in their networks to ensure applications are able to perform at their peak. In the hybrid enterprise, where IT is run on a mix of secure on-premises systems and public cloud systems, it is vital the IT department equips itself for visibility, control and optimisation of its network.
Network visibility in an age of Shadow IT
Indeed, Shadow IT might look like a foreign concept to IT departments, but there are greater risks involved in giving up control of the applications and services that employees use to access IT systems and to manage or share sensitive business information. It undermines security efforts because it can result in compliance violations and can add redundant services that create inefficiencies with those already implemented and overseen by IT.
The lines between personal and work IT have become blurred, and companies need to manage these complexities, whilst finding ways to make their applications perform at their peaks to gain an advantage in the new digital world.
The CIO needs visibility, control, and optimisation across hybrid clouds and networks. Only then will on-premises, cloud, and SaaS applications perform to the service-level agreements determined by the business. If the CIO is unaware of the dozens or even hundreds of unsanctioned cloud services and devices their employees own, then there’s very little chance of them achieving this.
There’s no denying the risks involved in doing this, however trying to regain control by outright banning the services outside of IT jurisdiction is not the right approach either.
Finding allies in ‘Shadow IT’ vendors
If CIOs want to run a successful IT department, they need to work with the business to solve the organisation’s most important problems. They also need to work with their community, rather than against it.
Shadow IT should be seen as something that highlights the areas in which IT is falling short of the needs of the employee. With a more progressive approach to meeting employee needs, CIOs can implement regulations that support Shadow IT initiatives and help them to understand employees’ grievances in order to find the right solutions and services for the business and its requirements.
Once CIOs have identified the most popular Shadow IT applications, they should not be afraid to reach out to the IT vendors directly to understand the value proposition of officially implementing their services. Vendors will be pleased to have the opportunity to establish a long-term profitable relationship with your company and the IT department can retain visibility and control over the services being used.
Blackberry has long offered the ability to partition its smartphones to keep personal and work applications and information separate. Apple and IBM have started rolling out made-for-business applications and supporting cloud services that incorporate IBM’s big data and analytics capabilities to iPhone and iPad users. The list is long and growing of both business-to-consumer and business-to-business companies attempting to meet in the middle when market needs arise. IT can influence how this comes together if Shadow IT is acknowledged and embraced.
As the distinction between work and non-work quickly evaporates, policies towards devices and software capabilities should reflect this in the workplace. It’s no surprise that employees should reject the notion of IT controlling personal devices, but they will generally accept control of corporate information of those devices.
By keeping the lines of communication open between employees and the IT department, CIOs can strengthen their network performance by gaining invaluable feedback and insight into the efficiency of their technology.