We recently used this blog to introduce a new way to conceptualize enterprise technology, known as the stacks approach.
WHERE DOES SHADOW IT FIT IN?Today, I’d like to add a wrinkle to the very tidy stacks approach, because we all know that enterprise IT isn’t quite so cut and dry. That wrinkle is known as shadow IT, the practice of employees procuring and using their own applications without IT approval.
YES, SHADOW IT ISN’T IDEAL
As shadow IT has exploded in recent years, it hasn’t received the best reputation. For the most part, these negative perceptions are warranted for three key reasons:
Shadow applications are siloed applications: Because these applications won’t be integrated into any of your technology stacks, you’re likely to miss opportunities to add value to information by passing it between systems. In short, users might miss out on the full value these applications could provide if they were properly managed and integrated into the fold.
Users become the admins: When users go out and procure applications on their own, they typically become the admins for these applications. However, these users don’t have the experience managing technology that’s typically required to properly secure applications and handle any issues that arise.
Security falls by the wayside: Most importantly, shadow applications can put corporate data at risk in two ways. The first is if users discontinue the applications when they leave your company, meaning all of that data leaves with them. The second is if users implement applications that don’t meet your corporate security or, worse yet, government-set compliance guidelines.
BUT SHADOW IT ISN’T ALL BADWhen you dig a little deeper, you’ll actually find that shadow IT can add value to your organization. You see, shadow IT occurs because users want to work more efficiently and effectively, and that’s not a bad thing for your business.
FINDING A PLACE FOR SHADOW IT IN THE ENTERPRISEGiven the downsides, the gut reaction to shadow IT is typically lockdown. However, shadow IT isn’t going anywhere, and the stricter you become, the more you’ll just push these activities further into the shadows, thereby increasing the associated risks.