You may have heard the term shadow IT bandied about lately, in both analyst musings and the industry press (they often feed off each other in the always fascinating game of buzzword bingo). What’s interesting about shadow IT is that it’s really nothing new, but rather something thats been with us for years, but the latest version (which I’ll creatively call V2) has grown in significance (and scope) to where the C-suite should start to pay attention.
Local Support Driven by Necessity
What is shadow IT? That depends on your perspective and how long you’ve been involved with IT. In the early days of distributed computing, client server and the PC “enabling” the business, shadow IT was that group of people that both held everything together at the business unit or department level, and caused all the chaos for central IT. Oftentimes these individuals were not formally IT, or even responsible for IT support, but because of their innate skills, their standing within the business unit, or their relationship with peers, they became the de facto stand-in for a formal IT process which had yet to reach the hinterlands.
In most cases this was not a budgeted support function either, it was just done because it was either much more expedient than using the “formal” process, or it had grown organically with the business units adoption of IT and thus became just one of those embedded processes. This 1.0 version of shadow IT was focused mostly on the introduction of unauthorized technologies (both hardware and software) and the subsequent peer support that was required. “Hey Joe” support structures were common in business, but undocumented, and were often the first avenue an end user pursued to solve a technical issue. Over the years shadow IT V1 was mostly eliminated by the implementation of standardized architectures, automated support services, efficient call centers, and an increase in systems complexity.
That said, version 2.0 will not be so easy to deal with.
Shadow IT today is radically different from the past in both it’s reasons (to exist) and its impact, and in many cases it will not be something that traditional IT can solve by rolling out more technology and process.
Driven by need. (responsiveness to users). Over the past few years we have seen a dramatic increase in the number and types of devices available to business users. In most instances organizations found that waiting for IT to go through it’s traditional approval/evaluation process was not acceptable, especially with the potential productivity benefits that came with these devices (e.g. tablets, smart phones). IT organizations found themselves either putting device and software approvals on the fast track, or continually reacting to support requests for new device types that were “non-standard”. Saying no the business was not an option, especially since most of these devices were funded through departmental non-IT budgets and were seen as potential gateways to new business processes and emerging market opportunities.
Driven by speed (applications delivery). This proliferation of user friendly devices had a serious cascade effect in the form of a flood of newer, smaller, purpose built applications that were being downloaded by business users. These applications were rarely what would be considered enterprise-class, but to the business user it didn’t matter, as these applications were inexpensive, quickly installed, and quickly updated with rapid version/refresh cycles. This sequence of events began to drive a cultural shift in many business units, one where the quality of an application did not come first, but where access and availability did, which in turn meant that a high majority of the innovative applications being tested by the business were acquired outside of the control of central IT, essentially establishing a business IT process that was distinctly separate from the central IT process.
Driven by knowledge (responsiveness to markets). As business users have become more comfortable with these newer device types, applications are emerging that focus specifically on the convergence of content, context and location. Using these three drivers the types and linkages between devices, applications, business processes and large data stores (e.g. existing CRM and ERP systems) have moved the focus of applications away from enabling the business towards one of enabling the individual.
What can IT do? If IT is to respond to this form of Shadow IT they must pair with business partners and work together as part of innovation labs (often driven by the business and not IT), Innovation labs can become the integration point where IT experience and business innovation can come together, but the focus is NOT as a control point, but as an enabler of change, with clear understanding on both sides of the aisle of what the potential cascade effects will be on both the business and on IT. Otherwise IT organizations can decide that their real value is to support and maintain a flexible infrastructure that supports rapid innovation by the business, and just let 1,000 flowers bloom. Either way the new Shadow IT, which we should now call Business IT, is here to stay.
Food for thought….
Read Complimentary Relevant Research
Predicts 2017: Artificial Intelligence
Artificial intelligence is changing the way in which organizations innovate and communicate their processes, products and services. Practical...
View Relevant Webinars
How to Live Without Mobile Device Management
This webinar addresses the growing trend of users refusing to have enterprise management of their mobile devices due to privacy concerns....
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.