How to embrace the benefits of shadow IT

By making shadow IT a bad word, CIOs are ignoring the benefits of what are business-aligned systems and missing an opportunity to build a cohesive strategy and governance system that includes all the technology systems in an enterprise. Here’s how to better identify, manage and take advantage of business-procured IT.

1 2 Page 2
Page 2 of 2 How can IT leaders best identify and recognize shadow IT?

Wright: By its very nature shadow IT has low visibility and takes time and effort to separate out from the business functions it is woven into. IT leaders may only become aware of it when an incident occurs or an audit or security investigation identifies a new data or security vulnerability. Working with business stakeholders is the real key to identifying the existence and value of shadow IT, as well as how best to harness it.

How can IT leaders best harness the benefits that shadow IT has injected into the business?

In addition to the establishment of SLAs, IT can harness benefits from shadow IT by:

  • De-jargoning IT so a consumer of IT services can specify their needs in plain speak to achieve a clear business outcome. They shouldn’t need to know anything about IT technologies, how they are provisioned, or which provider is delivering them.
  • Bundling hardware, software, infrastructure, and services so a user doesn’t have to be a computer genius to figure out all the piece parts or how they integrate to enable business functions.
  • Expanding the service catalog to include shadow IT services, thereby legitimizing the demand and supply of such services. What can CIOs do to better manage the risks of shadow IT without stifling its benefits?

Wright: Risks exist in any environment that involves change—and change is definitely a constant in IT. The perceived risk of shadow IT is increased when it is delivered in stealth mode as it is unquantified and uncontrolled risk. By legitimizing the shadow capabilities, the increased visibility allows for risks to be assessed and mitigated in the context of the specific business conditions.

In developing risk mitigation strategies it is important not to use a sledgehammer to crack a nut; a one-size-fits-all mandate will likely render shadow IT dead on arrival. Challenging the norms—mixed with a reasonable amount of creativity and out-of-the-box thinking—will help ensure shadow IT benefits. Where does outsourcing fit into the world of shadow IT?

Wright: Shadow IT is not driven by outsourcing and—interestingly enough—can itself be an outsourced function. An outsourcing event is a great opportunity to rationalize and redefine IT services, aligning them to business outcomes and negating the need for multiple organizations [to provision IT services]. If you do all this to shed light on shadow IT, is it even shadow IT anymore? Is there a better term for it?

Wright: A better representation of shadow IT would be to recognize it as “business technology.”

This story, "How to embrace the benefits of shadow IT" was originally published by CIO.

Copyright © 2016 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
The 10 most powerful companies in enterprise networking 2022