by Indus Khaitan

Why ‘shadow IT’? Because the speed of doing business is faster than the speed at which IT departments can automate the various technical pieces of the business workflow. Lines of business can now get their own software products to automate business processes easily and in turn, eliminate their dependence on IT.

I ran a shadow IT organization for 4 years while working at one of the largest software companies. During those days, shadow IT meant hiding real hardware in the coat closet unlike today where it’s much easier to sign up for online services in minutes. I had the servers taken away, re-provisioned by IT and controlled. There were many tiffs with the IT department, but it was fun driving the future of IT infrastructure while the IT team took its sweet time in approving critical projects.

Ten years ago, running a shadow IT organization required a certain level of tech wisdom to deal with webservers, databases, programming languages and such. Now all you need is a credit-card to sign up with an online service doing one of many file-syncs, contact/lead management, content workflow, etc. This simple access to software solutions is the bane for a CIO. For less than $10 an enterprise business user can circumvent the hard perimeters IT has put in place for data leakage. In the same breath, that data can be made available on the user’s smartphone or tablet .

In reality, the boundaries have shifted while the IT department is protecting the same perimeter as it had been a decade ago. The data is no longer sitting in the boundaries of a corporate fire-wall, instead it has moved closer to the user who consumes the data. IT department continues to use the tools of yesterday to tackle today’s data movement challenges brought up by the rapid growth in mobility. Unless new tools are adopted and the IT department is ahead of the business users, corporate data will be at risk and shadow IT will continue to exist.

Thanks to the ease of use and reduced friction of online software and apps and tools being used on mobile devices and laptops, it has become easier to run an on-demand IT organization. At the same time, the risk has increased manifold. It has also become next to impossible to impose restrictions without locking horns with the business user. A business user doesn’t mind giving up his/her shadow IT as long as the business does not get impacted. A user will not let the server hardware be taken away without the guarantee that IT will only decommission the application and the hardware until they build the same for the user.