Shining A Light On The Shadows Of “Shadow IT”

Shining A Light On The Shadows Of “Shadow IT”

Bring Your Own Cloud (BYOC) and Bring Your Own Device (BYOD) have changed the way that people work by putting users in control of their productivity. Employees can now obtain the capabilities they want, when they want and for as long as they want, without having to wait for IT to build it. And with tangible improvement in convenience and productivity there is no turning back now.

shadow-it

This is bad news for IT because this parallel IT environment, typically known as “Shadow IT,” is being created without consulting with and often without even informing IT. Suddenly, IT personnel are being asked to support technologies they have neither tested nor approved. And worse, in some cases, these technologies can violate compliance mandates and can introduce unknown vulnerabilities. So what should IT do? Should they ignore it and hope it goes away or should they put a stop to it and be viewed as an impediment to progress?

Neither is a good option! “Shadow IT” is not going away and given the distinct benefits of agility and productivity, stifling this movement is clearly not in anyone’s best interest. IT needs to embrace “Shadow IT” but ensure that the interests of the organization are not compromised. And the best way to manage “Shadow IT” it is by making your IT an integral part of the value chain.

The following are five tips for managing “Shadow IT” in the enterprise that allow businesses to take advantage of emerging technologies and IT to be able to understand and control what is added to the environment.

1: Identify ”Shadow IT”

The first step in overcoming “Shadow IT” is to identify it. Without insight into what tools users are purchasing and using at work, it’s impossible to know how to manage them. The second is controlling it. This may be accomplished through a combination of Whitelists, whereby unauthorized applications cannot be run on company issued IT assets, and notification tools that alert IT if someone does attempt to run an unauthorized app.

2: Accommodate the needs of the BU

In order to accommodate the needs of the Business Unit (BU), IT can create and share a list of approved software and applications beyond the standard issue software. This would serve as a cheat sheet for business units making their own purchase decisions. By following the list, the BU would be pre-authorized to make a purchase and IT is assured that the introduction does not cause security risks or compatibility issues. IT should also put a process in place that allows them to quickly approve/disapprove new applications actively sought by Business Units.

3: Communicate effectively

Actively communicate your Business Continuity/Disaster Recovery/Data Security and other policies so that BUs, choosing to rely on outside providers for their services, can negotiate SLAs that meet or exceed the internal availability and performance expectations. Create templates so that the BU decision makers are asking the right questions such as: “In the event of a failure of the SaaS app or hosted technology, is the data backed up? Can the data and business workflow be recovered somewhere else?

4: Implement strategy across entire organization

Creating policies in a vacuum makes it nearly impossible for sys-admins to properly manage the performance and resource issues of day-to-day operations, let alone “Shadow IT.” By implementing a strategy across the entire organization, you empower employees to come out of the shadows, and to report issues subsequent of “Shadow IT,” such as a network slowdown, and alert IT.

5: Reduce complexity

Deploy tools that enable you to monitor services running outside your physical environment, encourage your Business Unit IT professionals to use these tools. By unifying your solutions, you not only simplify the management of your infrastructure, you achieve greater insight into how your resources are being used to ultimately reduce mean time to resolve (MTTR) problems.

With some proactive readjusting, IT can enable users while mitigating and minimizing the risks that are often associated with third-party apps and services in the workplace. This ultimately will help to bring users out of the shadows of “Shadow IT.”

By Deepak Kanwar, Senior Manager, Zenoss

Follow Us!

CloudTweaks

Established in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

Sorry, comments are closed for this post.

Join Our Newsletter

Receive updates each week on news, tips, events, comics and much more...

Can I Contribute To CloudTweaks?

Yes, much of our focus in 2015 will be on working with other influencers in a collaborative manner. If you're a technology influencer looking to collaborate long term with CloudTweaks – a globally recognized leader in cloud computing information – drop us an email with “tech influencer” in the subject line.

Please review the guidelines before applying.