According to a 2013 Frost & Sullivan study, more than 80% of line-of-business employees admit to practicing “shadow IT”: using SaaS applications without the knowledge or blessing of their IT groups.[1] It’s a practice that presents obvious security, data integrity, regulatory compliance and other risks, in addition to the potential cost and complexity of supporting unsanctioned SaaS applications.

Don’t let these risks overshadow a major opportunity for your IT group. Shadow IT gives forward-looking IT groups the ability to engage with and empower their line-of-business colleagues – and to establish IT as a strategic partner rather than as a gatekeeper and barrier to progress.

Don’t Let Risk Overshadow Opportunity

The first key to exploiting this opportunity is to acknowledge that most business users resort to shadow IT for a simple reason: They need faster solutions to their problems. These users typically decide that following traditional IT processes will lead to a dead end – forcing them to wait too long for solutions that don’t always address their actual business problems. If the IT group won’t give them the tools they need, they’ll take the initiative to find the right tools elsewhere.

This is why a policy that simply seeks to block unsanctioned SaaS applications or to punish their use is often worse than doing nothing. When your IT group penalizes business users for trying to work more efficiently, you’re setting the stage for an adversarial relationship that doesn’t benefit either side.

There’s a better approach that supports business users while also positioning your IT group as an enabler of innovation and productivity. Here’s how to get started:

1. Open and maintain a dialogue with executive-level support. Meet with department heads and line-of-business stakeholders, and open a non-judgmental conversation about how and why they their teams are using unsanctioned SaaS applications. CIOs and IT leaders must make it clear that the goal isn’t simply to root out shadow IT; it’s to understand why users are resorting to shadow IT to solve business problems. Once this dialogue is established, it’s just as important for IT groups to have regular conversations with LOB teams to identify opportunities to collaborate – and to craft service-level agreements that hold both teams accountable.

2. View your shadow IT findings as a requirements-gathering process. One of the things that makes shadow IT so useful is the fact that it reflects the problems and the needs of the people using it. Why invest time and money in an extended requirements-gathering process when your users’ relationships with shadow IT gives you a shortcut to getting the same information?

3. Don’t fix what isn’t broken. Some shadow IT applications present serious costs and risks; others clearly do not. When your IT group understands the difference and, when possible, embraces turnkey SaaS applications, it can free up resources to build and deploy alternatives to shadow IT applications where third-party SaaS isn’t a viable option.

4. Understand how shadow IT fits into new patterns of IT spending and control. There’s another important reason for IT groups to engage with business users over shadow IT: The fact that a growing share of traditional IT budgets are being reallocated to business stakeholders. In order to say relevant, IT organizations must position themselves as trusted advisors to these users, helping them to select, evaluate and implement SaaS tools in addition to building custom software, process automation and other services.

5. Assess your IT group’s ability to support innovation and efficiency using custom SaaS applications. The fact is that while IT groups may understand what users need when they turn to shadow IT, they may not always have the ability to create better solutions when a third-party SaaS tool isn’t an acceptable solution. Retooling your people, processes and development methodologies to deliver these applications is critical in order to position your IT group as a partner to the business rather than as a barrier to innovation. Your efforts to develop these capabilities, or to partner with firms that can help you develop them, will be a vital investment in the future.

Taking these steps isn’t always easy for IT organizations accustomed to controlling when, where and how the business implements technology. Yet there’s no way to turn back the clock; business users have demonstrated, once and for all, that they will find and use the best solutions to their problems, whether that means engaging with the IT group or resorting to shadow IT applications. If you want your IT group to survive and thrive in this changing environment, it’s essential to treat shadow IT as an opportunity to rethink, retool and reinvent your relationship with the business.
[1] http://www.mcafee.com/us/resources/reports/rp-six-trends-security.pdf

 

Let's Talk