Winning a war against shadow IT is impossible. More importantly, waging such a war proves a lack of understanding. James West says IT departments must quickly learn the dynamics of the situation before completely alienating themselves.
A recent article on publictechnology.net says that the public sector must ‘win the battle against shadow IT’. It argues that shadow IT presents a security risk and that public sector organisations must limit the use of cloud-services and third-party apps for business purposes.
It’s true that shadow IT poses a security risk that must be addressed. But the biggest problem highlighted in this article is that IT departments continue to patronise and underestimate their business colleagues.
The corporate tech security myth
Just because technology has been corporate approved, it isn’t automatically secure. Huge and very sophisticated systems are being compromised on a regular basis, so distilling the problem down to silly users bringing their phones to work is naive. This reductive view is also dangerous because it means that many organisations are ignoring the massive security threat that their ‘safe’ systems pose.
IT security is a company-wide problem involving many parties. Yes, IT must educate workers of the dangers. But it’s just as likely that someone will click an email containing malware on their work desktop as it is they will lose their personal phone. Similarly, hackers are more likely to attack a corporate IT system rather than a personal account because they will cause more damage doing the former.
I’m picking on this article and its point about security because it’s representative of a dangerous and damaging viewpoint within IT. But I could reference myriad articles and conversations with IT practitioners and suppliers that offer the same perception.
The problem I refer to is that shadow IT is seen as inherently bad and business colleagues are clueless about technology. IT departments seem to think they must ‘battle’ shadow IT and restore corporate-approved technology to its rightful position as the only supplier of technology into the business.
‘Leave technology to us’
IT departments ‘battling’ shadow IT send a clear message to the business: you don’t know what you’re doing and we do. People didn’t start adopting third party technologies because they are inherent trouble-makers. Neither do they have any intention of threatening the integrity of the IT infrastructure. They turn to shadow IT because they want to do something with technology. Either the technology prescribed isn’t suited to a task or tools are now widely available which do a much better job.
There are many instances where business units and individuals have introduced low-cost tools which transform working practices. Think of applications such as Skype, DropBox, Google Mail and Slack. Were they introduced to the business by the IT department? Or have they been begrudgingly accepted by IT because someone else introduced them and rapid adoption made it impossible to stop? If it’s the latter, then it’s the business – not IT – that is leading the intelligent adoption of technology. This is a hugely important point which highlights why an IT department displaying an elitist view of technology is anachronistic.
Shadow IT simply demonstrates supply and demand in business. The existence of shadow IT tells us that IT is not delivering the business what it needs. If IT ignores or denies this self-evident truth, the situation gets worse. The business gets more frustrated at the IT department’s lack of flexibility and rebels even harder. Once this situation occurs (and many businesses are already suffering this) then the business community does become bloody-minded and anti-IT. It’s then very difficult for IT to change this perception and expect any cooperation or support from the business.
The solution requires a major attitude readjustment. IT departments must be more open-minded and less elitist about technology. The IT department must stop ‘battling’ shadow IT and instead take a leading role in its adoption.
Shadow IT is not an uprising
For IT departments to remain relevant, they must cease their attempts to squash shadow IT as if it’s an uprising. Shadow IT offers an opportunity for IT departments to cement their value. By studying shadow IT within the organisation, smart IT professionals can establish exactly what the business needs to do with technology. And by then taking a leading role, IT can help deliver new technologies safely into the business within secure parameters.
IT security is a huge issue and it will only be tackled by IT and business colleagues working together. A divided, siloed IT department which constantly blocks innovation will never gain the backing of the business. However, an IT department showing a willingness to be flexible and innovative is more likely to gain the trust of the business, which in turn is more like to obey security protocols.
It’s impossible to stop shadow IT. Technology is simply moving too fast and is too accessible to block. Therefore, the battle is futile. But more importantly, battling shadow IT shows the wrong attitude and ignorance of what drives it. IT must stop battling and instead work with the business to deliver the technology it needs.
Read the follow-up article: Should using Shadow IT be a sackable offence?