Close to a decade since the term “shadow IT” was first used, its “dangers” are still being touted by some IT professionals, but it’s a reactionary stance whose time has surely passed.
For a long time the more conservative element among CIOs wagged a stern finger at those employees who had the nerve to either bring their own device to work or, even worse, use an unapproved app, even though it may have vastly improved an employee’s productivity.
However, perspectives started to change when the CEO suddenly started asking about how they could integrate their iPhone with the corporate systems and networks.
The seemingly steadfast wall between the traditional enterprise IT environment and the new world of consumer/employee-chosen apps and devices started to show cracks. Soon enough, IT professionals could see the code being written on the wall: shadow IT was here to stay.
It might be seen as a bit of a bold statement, but these days one could argue that shadow IT really is the new IT..
This is because you can either ignore that Shadow IT is happening, you can fight against it (and thus risk the IT department being a hindrance to the business and falling victim to other organisations disruptive adoption of such technology), or you can embrace and manage it for the benefit of your organisation, with the agility and innovation it brings.
Apps such as Slack, Evernote and yes.. even Dropbox, are now being used by so many people in their everyday lives that it only makes sense such apps be harnessed for work. This is an innovation push that has been driven from within the ranks, rather than being imposed from upon high. This is one of the reasons why what has been called shadow IT is really now just another element in the enterprise IT environment: people use it because it works.
That’s what we’re seeing with Dropbox too. The reality is a lot of the time when we go into organisations we’ll find 60%+ of the employees are already using Dropbox, and that’s in a work context, which means they are already being successful with it in their daily workflows.
We know one of the main reasons IT projects fail is because of poor uptake and the challenges of change management. You can implement a great and secure solution of beneficial knobs and dials for controlling every aspect of the solution, but if it is too hard to use, no one uses it. The truth is – a lot of security comes from adoption; Adoption is control.
You’re better off picking something you are already being productive with and something that your people have already adopted, which was also the case with the iPhone and smartphones more generally. (Remember when Blackberry was the approved smartphone of choice for so many companies?)
And we said more adoption means more control. Which is where we return to the forward-thinking CIO, who recognises that it’s about adopting the right kind of governance and visibility over these technologies.
Of course big organisations love to pay lip service to buzz concepts such as “agile”, “disruption” and “lean”, but the reality is often quite different, and for the CIO it can be all about creating a business case for the adoption of these kinds of apps as part of an overall IT strategy.
One of the hardest things to come to terms with in dealing with shadow IT is the sense that a certain amount of control is being ceded by the CIO. Control is a strong word, and it implies a rigid attitude at odds with the prevailing wisdom of the times, which is about being open to innovative solutions.
Last year, Gartner introduced the concept of bimodal IT, which it defined as:
The practice of managing two separate, coherent modes of IT delivery, one focused on stability and the other on agility. Mode 1 is traditional and sequential, emphasizing safety and accuracy. Mode 2 is exploratory and nonlinear, emphasizing agility and speed.
It’s an interesting concept and it points towards an approach to building and maintaining an IT environment that shifts in emphasis from autocratic gatekeeping to creative stewardship.
As a flexible, forward-thinking CIO, you can build a culture of agility and respect for new technologies within your enterprise. You might not be able to stop the wave of cloud and consumer chosen technology, but you can ride it.
It’s not hard to understand why bot management is critical to maintaining business availability and customer satisfaction – but do you know how to properly deal with bots?
Increasing use of encryption has created new challenges for enterprise security managers. Ever more-sophisticated encryption such as Perfect Forward Secrecy (PFS) protects data and may even boost your Google ranking – but it also provides a haven for malicious code that may use encryption to bypass enterprise security controls.
Why nation-state attacks are everyone’s problem
With so much change all the time, how can executives best prepare their businesses to meet the security challenges of the coming years? CSO Australia, in conjunction with Mimecast, explored this question in an interactive Webinar that looks at how the threat landscape has evolved – and what we can expect in 2019 and beyond.
An interview with CSO's David Braue and Ian Yip, Chief Technology Officer, McAffee.