If the use of Shadow IT is against corporate policy, staff partaking are technically committing a severe offence. James West asks whether job losses are the way to curb the practice?

My recent article about the futility of blocking Shadow IT has provoked some polarising opinions on social media. Some people have supported my view, stating that it is indeed futile and despite the obvious problems caused, IT must respond. Others have taken a hardline approach, insisting that Shadow IT should not be allowed.

But the most extreme view stated that when Shadow IT goes against corporate policy, the offenders should lose their jobs.

Of course, in fundamental terms, this is correct.  If corporate policies stipulate that rules relating to Shadow IT must be adhered to, staff must obey.  And yes, persistently breaking the rules could eventually lead to someone being dismissed.

But this misses the point completely. By criminalising something that most people have partaken in at some stage, you have to question the validity of the law itself. As stated in my previous article, people aren’t using Shadow IT to cause a problem. They use it because the IT they are provided is too slow/cumbersome/unreliable/lacking in functionality. They use Shadow IT because they are trying to be better at their job. Yet in the eyes of certain IT professionals, this is wrong.

Common sense
Common sense needs to be applied here.  Yes, if people are deliberately flaunting corporate rules and refusing to curb their behaviour despite warnings, intervention is needed. But there’s a massive difference between someone using a smartphone for work email and someone else subscribing to an unsecure cloud service to run a crucial business service. There’s a huge gray area here that must be considered.

And this is where smart and progressive IT departments are winning. By getting involved in creating new policies and teaching people how to use Shadow IT tools for work purposes, they position themselves as a strong business asset. Crucially, it negates the need for Shadow IT by simple virtue of finally giving the business what it wants. It’s ironic that the way to eradicate Shadow IT is to embrace it.

Shadow IT is a pain…to IT
Certain IT professionals don’t like Shadow IT because it makes their job much harder. It’s easier to maintain existing usage policies and oversee a pre-approved IT estate than it is to expand. For IT professionals yet to accept the fact that non-approved IT will never leave the organisation here’s a fact you won’t want to read:

Apart from you, no one in the business cares that Shadow IT is a pain.

Just as you don’t care if new legislation means that HR has to rewrite all of its policies to ensure your contract is fair, or the finance department has to purchase and learn a new payroll system to ensure you get paid, no one cares that changes to IT mean you have to work harder. You’re not employed because IT is easy. 

IT is subject to the same scrutiny as any other business department today. There’s no more coasting through the job because you have technical knowledge. IT professionals are expected to deliver demonstrable value and be team players. 

The “no-means-no” policy relating to Shadow IT makes perfect sense – for those working in IT. However, IT professionals mustn’t forget that just like every other department or individual within the organsiation, they are paid to serve the business.

It is possible to incorporate ‘shadow’ technologies into the business. It is possible to create policies that allow staff to experiment with new tools without damaging the integrity of the business.  It’s also possible to create an open dialogue with the business about their IT challenges and introduce solutions.

Is this difficult to achieve? Absolutely. Is it easier to maintain and secure the existing IT infrastructure? Of course it is. Unfortunately, IT professionals are not paid to take the easy route.  “But it’s hard” is not a valid reason for refusing to deal with Shadow IT.

Because like it or not, the people losing their jobs for not towing the Shadow IT line won’t be the end users.  It will be the IT staff who refuse to alter their draconian views. 

 

 

Author Bio:
James West

James West

Editor, SITS Insight

If you have service desk news to share or would like to become a SITS Insight blogger, please get in touch with James

More from James West

More like this

, ,

2 Responses to Should staff using Shadow IT lose their job?

  1. SeaGaf August 10, 2017 at 13:27 #

    Using Shadow IT is a bit like driving above the speed limit, just about everyone does it at some point and most times nothing bad happens. You don’t expect a driving ban for being a few MPH over the limit on an empty motorway in good driving conditions but your would if you got caught doing 100+ mph in a built up area. It all comes down to the level of risk and recklessness displayed, and the potential to cause serious injury or death.

    I think the same goes for Shadow IT, a hard line approach of dismissal is either going to lead to victimisation (using Shadow IT as the excuse for getting rid of someone who is not performing or fitting it) or the loss of some of your best people (problem solvers).

    For most transgressions IT needs to find the equivalent of a speed awareness course to educate people about the risk and dangers and provide good reasons (and alternatives) to minimise the threat from shadow IT practices. But id someone was crazy enough to download your entire customer database into a non-secure cloud application then you may well be in the realms of gross misconduct and potential for dismissal.

    • James West
      James West August 10, 2017 at 14:00 #

      SeaGaf, some good points about how to intelligently manage Shadow IT misuse, I appreciate how this is thought through. Although my point is that if IT did a better job delivering useful IT, we’d never have to worry about this as Shadow IT wouldn’t exist.

      I like the analogy – to a point. I know you didn’t mean it this way, but it’s important to remember IT is never life or death, even if you do put the database into the cloud!

Have your say

%d bloggers like this: