Public cloud services sneak in through IT’s back door

“I’m a back door man, I’m a back door man The CIO don’t know, but the users understand.”

Well, maybe those aren’t the exact lyrics sung by Jim Morrison (or Howlin’ Wolf). Yet much of the information technology used by enterprises is first snuck in the back door by users rather than invited in the front door by the CIO.

The personal computer was a prime example of back door technology. Back in the 1980s, while the IT department ran their mainframes and minicomputers, department managers were stuck tracking budgets and forecasts with adding machines and pads of paper. But a PC with spreadsheet software made those tasks much simpler and quicker. (By the way, you can still download and run original VisiCalc. Only 27,520 bytes!) A departmental budget could absorb the cost of several thousand dollars, and getting started was simple enough. Soon PCs were showing up everywhere.

With more PCs, naturally people wanted to share files and printers, which prompted the adoption of another back-door technology: local-area networks. Ethernet came to dominate the rise of LANs, as it vanquished token ring in a holy war that seems remarkably pointless in retrospect (usually the case with holy wars). Novell NetWare provided add-on sharing capabilities to DOS and Windows until Microsoft finally retrofitted usable networking. 

Eventually, the network of PCs began to overwhelm departments’ ability to support them. The self-taught computer geek in the group was unable to keep up with all the technical issues and changes. Distributed buying decisions diluted the company’s purchasing power. Security was a neglected afterthought. Now that the business had come to depend on this back-door technology, it was time for the IT department to take responsibility. The personal computer became an enterprise asset. 

The IT back door is still unlocked

The back door is still not locked, however, and other technologies continue to sneak in. 

Wi‑Fi arrived through the back door as users plugged Linksys and Netgear boxes into conference room Ethernet jacks. The network police from central IT tracked down and removed these “rogue” access points until they found one in the CEO’s conference room. Then it was time for an enterprise Wi‑Fi system. 

Blackberry arrived through the back door as early adopters used an extra PC hidden under a desk to forward corporate email to and from the device. To contain the spread of this security nightmare, the IT department deployed Blackberry Enterprise Servers. Soon iPhones and Androids snuck through the back door, and BYOD started the cycle again. 

Dropbox arrived through the back door. Many IT departments responded by banning it. We’ll see how that works out. 

Back door adoption is so typical for information technology that a pattern becomes clear: 

1. Early-adopter users or business units discover technology they want. They find a way to bring it to work through a back door and bury the cost in expense reports or departmental budgets. To ask permission is to seek denial, so they don’t bother discussing their activity with the IT department.
2. Eventually the IT department finds out and resists. Though they may claim that innovation is their priority, they also face pressures to contain costs, maintain stability, and protect security. These considerations often make “no” their default answer to new things. (To be fair, some impedance makes sense, since many novelties are indeed passing fads.)
3. Assuming the benefits are strong and lasting enough, business users ignore the ban and find a way. After all, you can’t concede a major technological advantage to your competitors, whether they’re external or internal.
4. Eventually the business comes to depend on the back-door technology. To regain purchasing control, provide operational scale and reliability, and safeguard security, the IT department starts providing official support.

Back door clouds

Public cloud services are a rapidly growing back-door technology, as software developers take advantage of convenient access to the tools they want. Need a custom-configured environment to learn a new skill or try new software? No need to open a ticket for resources from IT, just login to AWS. Amazon already has a credit card number, and if the charge is small qenough, bury it in an expense report.

Maybe corporate IT says not to use the public cloud, but unfortunately their internal private cloud proof-of-concept has slipped yet again. Meanwhile, the deadline for delivering that new application is coming soon, and competitors are already in production. Perhaps development and even deployment on the public cloud would be acceptable as an “interim” measure, just until the private cloud catches up with the public cloud. Whenever that might be.

Since web and mobile applications have become central to how every enterprise interacts with its customers, strong software developers have become crucial competitive players. Providing them with a powerful development environment becomes a requirement for making them effective, and even retaining them. The public cloud sets a benchmark for those environments, and if they’re getting anything less—well, to quote a different lyric, from John Fogerty:

“Imagination sets in, pretty soon I’m singin’ Doo doo doo, lookin’ out my back door.”