THE BLOG

Are You Operating Your Own Shadow IT Department?

17/07/2015 10:11 BST | Updated 14/07/2016 10:59 BST

There's no question that cloud computing now plays a big role in most of our lives, although many people may not even realise it. Mobile phones, computers, games consoles, cars, connected appliances, watches... the list goes on. All of these connected devices now need to be regularly synced to the cloud in order for us to get the best out of them. The cloud brings us new functionality, greater reliability, unlimited storage space and a degree of user choice and flexibility unimaginable twenty years ago.

As we have become ever more accustomed to using cloud services in our home and personal lives, the same has also become true of our working lives.

Cloud computing now enables a seamless digital working life both inside and outside of the office. Working from home, sharing and storing data, remote capabilities and Bring Your Own Device (BYOD) have all been facilitated by the cloud. In fact, some reports have even suggested that cloud technologies are making physical offices obsolete altogether. However, with the average employee now very comfortable with the process of acquiring and using cloud services, the traditional role of the IT department - as a selector and purchaser of workplace technology - is coming under threat.

Shadow IT is a term being used to describe IT projects being carried out without the permission, control or knowledge of an organisation's IT department. A decade ago, shadow IT spending was limited to basic computer accessories or boxed software. But in today's market, vast sums are being spent by unauthorised employees on personalised IT services, such as cloud computing.

For example, many employee teams are purchasing their own cloud storage solutions or direct mail platforms to replace existing internal tools. In many ways, this is only natural. For a digitally savvy employee in, say, HR or marketing, it will be second nature to get the tool they need with just a few clicks (and perhaps a company credit card). And, you might ask, if these tools are helping to drive productivity, why does it even matter?

The answer is that, as an isolated incident, it might not. However as a wider trend, it can quickly become a significant issue for businesses. It's been predicted that these types of shadow IT purchases now make up a colossal 40 percent of IT spending and, according to recent research carried out by Brocade, this issue affects the majority of businesses; 96 percent of UK CIOs say that business units have bought cloud services without the IT department's involvement, despite only 20 percent of organisations saying that this is permitted.

As with many things, buying individually rather than in bulk results in a higher costs. For cloud computing this is very much so the case, especially if the cloud services purchased are supplementing existing solutions provided by the company.

Furthermore, using cloud services that have not been approved by IT can put business data at risk. By using third party cloud solutions without reading the small print, employees can't be sure about what is happening to their data once it leaves their sight. With marketing teams often planning product launches and HR departments holding an array of sensitive data, it's easy to see how a security breach could be disastrous to a business, its employees and, of course, its customers.

Lastly, without input from the IT team there is likely to be little attention paid to the SLAs provided by cloud providers, compliance with government regulations and the plethora of other issues that businesses must consider before handing over money and data to third parties.

However, the answer for businesses is not simply to clamp down on cloud services and try to force employees back on to the reservation. In today's world of consumerised IT, the old 'command and control' approach simply is not feasible. Users want to use the technology that will allow them to do their job and are not prepared to sacrifice productivity just because it is corporate policy. Instead, a new approach to IT is required, one that prioritises flexibility and agility and that makes the official, IT-approved tool also the easiest and simplest one to use. It is only by doing this that IT teams can regain control and visibility over the business' IT spending.

This is likely to require significant changes both to a company's culture but also to its existing infrastructure in order to it possible to deploy new software and services as quickly and simply as users now expect from their own consumer services.

This is a significant mindset shift for IT teams but it is only by embracing this change that businesses can move away from Shadow IT to a new more collaborative model, one that can fulfil the security and reliability concerns of the CIO while also meeting the needs of the individual employee.