ShadowIT
In an ideal world a corporate IT department would run a standardized, secure environment that fulfills all user requirement. The members of the CIO office are well respected and often invited, since when they turn up, things start moving. Also everybody loves the flying cars they use for transport.
In reality most IT departments are caught between a rock and a hard place. Under the (justified or not) pretext of standardization (read: saving cost for the IT department) and security IT departments got used to say no or demand outrageous sums of money. When I was working for a bank (and there are quite many on the list) the customer relations department wanted a website to share information with their high net client, something you can use a Domino easily for. The IT guys jumped in and proposed a high availability architecture that had to have a hardware appliance for SSL management. Naturally that blew any budget. I challenged them and they declared: we must make sure it is secure, so I asked them what they think the customer relationship officers do now, sending eMail of course! They looked a little puzzled and declared: " our computing guidelines don't allow confidential information to be send via eMail, so there isn't a problem". So I asked them: what do you think will happen when a billionaire customer calls and says "eMail me that information"? Out through the window go your guidelines
So the trinity of "can't, won't, charge you arm and leg" let to the rise of an interesting animal lurking in the dark: ShadowIT
The server running on that spare laptop, the pluggable harddrive for backup etc. Even more in software: that word processing macro, the spreadsheet running reports, that little PHP site, that student tool combining CSV exports from the inner sanctum of corporate IT. Interestingly no IT department dares to challenge it, but they should. ShadowIT leads to incompatible data, fragile combination of information, duplicate entries and so on. But of course weeding it out only drives it further away, high into the cloud. The only way to cut it out: fulfil user needs as envisioned when IT was invented. In short transform from " Gibts nicht to Geht nicht, gibts nicht (from "you can have that" to "impossible is impossible")
In reality most IT departments are caught between a rock and a hard place. Under the (justified or not) pretext of standardization (read: saving cost for the IT department) and security IT departments got used to say no or demand outrageous sums of money. When I was working for a bank (and there are quite many on the list) the customer relations department wanted a website to share information with their high net client, something you can use a Domino easily for. The IT guys jumped in and proposed a high availability architecture that had to have a hardware appliance for SSL management. Naturally that blew any budget. I challenged them and they declared: we must make sure it is secure, so I asked them what they think the customer relationship officers do now, sending eMail of course! They looked a little puzzled and declared: " our computing guidelines don't allow confidential information to be send via eMail, so there isn't a problem". So I asked them: what do you think will happen when a billionaire customer calls and says "eMail me that information"? Out through the window go your guidelines
So the trinity of "can't, won't, charge you arm and leg" let to the rise of an interesting animal lurking in the dark: ShadowIT
The server running on that spare laptop, the pluggable harddrive for backup etc. Even more in software: that word processing macro, the spreadsheet running reports, that little PHP site, that student tool combining CSV exports from the inner sanctum of corporate IT. Interestingly no IT department dares to challenge it, but they should. ShadowIT leads to incompatible data, fragile combination of information, duplicate entries and so on. But of course weeding it out only drives it further away, high into the cloud. The only way to cut it out: fulfil user needs as envisioned when IT was invented. In short transform from " Gibts nicht to Geht nicht, gibts nicht (from "you can have that" to "impossible is impossible")
Posted by Stephan H Wissel on 30 May 2013 | Comments (1) | categories: Business