February 10, 2014

What Is Shadow IT? And How Can We Manage It Efficiently?

By CloudTweaks

What Is Shadow IT?

Bring Your Own Cloud (BYOC) and Bring Your Own Device (BYOD) have changed the way that people work by putting users in control of their productivity. Employees can now obtain the capabilities they want, when they want and for as long as they want, without having to wait for IT to build it. And with tangible improvement in convenience and productivity there is no turning back now.

This is bad news for IT because this parallel IT environment, typically known as “Shadow IT,” is being created without consulting with and often without even informing IT. Suddenly, IT personnel are being asked to support technologies they have neither tested nor approved. And worse, in some cases, these technologies can violate compliance mandates and can introduce unknown Vulnerabilities. So what should IT do? Should they ignore it and hope it goes away or should they put a stop to it and be viewed as an impediment to progress?

Neither is a good option! “Shadow IT” is not going away and given the distinct benefits of agility and productivity, stifling this movement is clearly not in anyone’s best interest. IT needs to embrace “Shadow IT” but ensure that the interests of the organization are not compromised. And the best way to manage “Shadow IT” it is by making your IT an integral part of the value chain.

The following are five tips for managing “Shadow IT” in the enterprise that allow businesses to take advantage of emerging technologies and IT to be able to understand and control what is added to the environment.

1: Identify ”Shadow IT”

The first step in overcoming “Shadow IT” is to identify it. Without insight into what tools users are purchasing and using at work, it’s impossible to know how to manage them. The second is controlling it. This may be accomplished through a combination of Whitelists, whereby unauthorized applications cannot be run on company issued IT assets, and notification tools that alert IT if someone does attempt to run an unauthorized app.

2: Accommodate the needs of the BU

In order to accommodate the needs of the Business Unit (BU), IT can create and share a list of approved software and applications beyond the standard issue software. This would serve as a cheat sheet for business units making their own purchase decisions. By following the list, the BU would be pre-authorized to make a purchase and IT is assured that the introduction does not cause security risks or compatibility issues. IT should also put a process in place that allows them to quickly approve/disapprove new applications actively sought by Business Units.

3: Communicate effectively

Actively communicate your Business Continuity/Disaster Recovery/Data Security and other policies so that BUs, choosing to rely on outside providers for their services, can negotiate SLAs that meet or exceed the internal availability and performance expectations. Create templates so that the BU decision makers are asking the right questions such as: “In the event of a failure of the SaaS app or hosted technology, is the data backed up? Can the data and business workflow be recovered somewhere else?

4: Implement strategy across entire organization

Creating policies in a vacuum makes it nearly impossible for sys-admins to properly manage the performance and resource issues of day-to-day operations, let alone “Shadow IT.” By implementing a strategy across the entire organization, you empower employees to come out of the shadows, and to report issues subsequent of “Shadow IT,” such as a network slowdown, and alert IT.

5: Reduce complexity

Deploy tools that enable you to monitor services running outside your physical environment, encourage your Business Unit IT professionals to use these tools. By unifying your solutions, you not only simplify the management of your infrastructure, you achieve greater insight into how your resources are being used to ultimately reduce mean time to resolve (MTTR) problems.

With some proactive readjusting, IT can enable users while mitigating and minimizing the risks that are often associated with third-party apps and services in the Workplace. This ultimately will help to bring users out of the shadows of “Shadow IT.”

By Deepak Kanwar, Senior Manager, Zenoss

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information, resources and thought leadership services. Contact us for ways on how to contribute and support our dedicated cloud community.
Nagaraj Kuppuswamy

Next-Generation Threats: Securing Multi-Cloud Environment

Next-Generation Threats Using cloud services from multiple cloud service providers is the fundamental tenet of [...]
Read more
Surya Kant Verma

Choosing the Right Cloud Platform: A Guide to Finding Secure, Cost-Efficient Solutions

Choosing the Right Cloud Platform Cloud computing has revolutionized how organizations work, offering an increased [...]
Read more
Freshworks

Freshservice’s Journey to Streamlining IT Operations

Freshservice, a cloud-based IT service management solution, is a part of Freshworks Inc., a company [...]
Read more
Gary Bernstein

The AI Vanguard: MixMode’s 2024 Insight into Cybersecurity’s New Era

Insight into Cybersecurity’s New Era As we enter into 2024, the adoption of AI in [...]
Read more

AI at the Gate: Navigating the Future of Cybersecurity with SonicWall’s Bobby Cornwell

Navigating the Future of Cybersecurity In the face of the digital age’s advancements, AI’s role [...]
Read more
Steve Prentice

Episode 16: Bigger is not always better: the benefits of working with smaller cloud providers

The benefits of working with smaller cloud providers A conversation with Ryan Pollock, VP Product [...]
Read more

SPONSOR PARTNER

Explore top-tier education with exclusive savings on online courses from MIT, Oxford, and Harvard through our e-learning sponsor. Elevate your career with world-class knowledge. Start now!
© 2024 CloudTweaks. All rights reserved.