The presence of shadow IT: it is a sure sign that the corporate governance structure of your organization has failed. Is it then time for central IT to ‘go after the bad guys?' Absolutely not, says Rob England, a.k.a. The IT Skeptic. In his opinion, the blame for this widespread dereliction falls squarely upon the shoulders of the executive leadership team (ELT).
The IT Umbrella
England stresses that IT functions need to stay under the umbrella of corporate digital information and technology assets for multiple reasons, including but not limited to the optimization of resource allocation, maximizing productive value of digital assets through company expertise, company security and risk avoidance, and maintaining the ROI of purchased technology.
Knowing Shadow IT
But how does one recognize the presence of shadow IT in the first place? England describes shadow IT in the following way:
Shadow IT is IT that is implemented and operated in business units with less involvement from the centralised organisational IT function/entity/agency than that IT function would like. This differs from distributed IT, where IT capabilities are implemented within business units with the consent and collaboration of the central IT function…Shadow IT (as I'm using the term here) is guerrilla IT. Shadow IT is business units going it alone, going rogue.
Distributed IT is OK
England maintains that central IT should have no quarrel with “distributed IT,” which allows the business to retain flexibility over their operations while driving within the lines set forth by IT governance. But if executives cut the leash that ties the business unit to IT policy, there’s no telling what havoc will be unleashed in the form of unsolicited file sharing, shady software sourcing, or the installation of unregistered applications.
Unfailingly, the central IT function finds out about shadow IT when:
a) The IT Guerillas need access to a network.
b) Something bad happens.
Scenario b usually involves corruption, loss, or theft of data. In some cases the system collapses and there is a huge productivity loss. Again, responsibility rests not with the central IT, which has no ability to enforce the policies of the company, but with those who oversee the organization’s policy – the ELT.
For more common sense wisdom from the IT skeptic, view the original post at: http://www.itskeptic.org/content/how-deal-shadow-it