Shadow IT: Far Bigger, Less Manageable And More Important Than You Think

Shadow IT is widely considered to be a significant problem for enterprise IT, yet nobody knows how to fix it, or even measure it. After all, how do you control something that, by its very definition, is designed to evade control?

Shadow IT, which is defined as those systems that are bought or built without enterprise IT’s approval, has been accelerating as business executives demand the flexibility to get things done—and may now dwarf the amount of approved enterprise expenditures on cloud services.

Is it time for the CIO to give up the fight against shadow IT, and simply learn to accept it?

Shadow IT: Bigger Than Cloud?

By some estimates, and as I’ve written before, shadow IT is now 10 times the size of known cloud usage. And while there’s a temptation to assume this is “other companies,” the reality is that your company likely has this problem, too.

At my startup, which I consider to be very well run with several hundred employees, we took an informal poll of the executive team to determine how many systems we were using. There may be wisdom within crowds, but our little crowd was off by roughly five times in our estimates—and those were just the known systems. 

There are almost certainly many other systems that we’re using, some paid and some free, that we simply don’t know about. After all, Skyhigh Networks, which helps companies root out and track Shadow IT, found companies that assume they have ~90 systems actually have over 1,000. That’s a huge disparity. 

That’s why I find these kinds of charts so amusing:

There is simply no way to answer this question. How can anyone report on something that, by definition, they don’t actually know about?

The Cloud Is Much Bigger Than We Think

Cloud adoption, which is already outside the control of the CIO, is likely much, much bigger than we think. Estimates like these are nice, but they’re also almost certainly grossly inaccurate:

While Forrester pegs enterprise adoption of cloud computing at 30%, true adoption is actually much higher than this.

According to a Frost & Sullivan report, 83% of IT workers admit to using non-approved SaaS apps, compared to 81% of line-of-business workers. We’re not talking about isolated incidents here. According to the same report, 26% of IT departments use six or more non-approved SaaS apps; just 7% of business units use that many.

It’s always been this way. Those of us who grew up in open source spent a decade waiting for analysts to recognize that just because open source wasn’t showing up in market share numbers—measured by money spent on licenses—didn’t mean it wasn’t booming. It was, and it wasn’t until nearly five years ago that IDC and others started trying to track the untrackable—at least with regard to trends affecting developers, who by and large don’t spend money on software.

Analysts are a lagging indicator of success in open source and other shades of Shadow IT.

Embrace The Unknown

So what should an enterprise CIO do about the spectre of shadow IT? More than anything else, she needs to embrace her developers. 

It’s not really an option anymore. As Forrester notes in its “Understanding Shifting Technology Acquisition Patterns” research note, lines of business, and the developers who work for them, are assuming a greater role in technology purchasing. The study shows removing IT from purchasing processes will rise over the next two years, while IT-only purchases are expected to fall during that same span. 

Far more encouraging, however, is that the two groups are also collaborating more, with the two groups joined at the hip in technology purchasing. This relationship is expected to remain constant through 2015 as the cloud keeps booming and open source thrives.

Even when lines of business initiate technology purchases, it is increasingly including IT. So for the CIO worried about Shadow IT and the developers that foster it, don’t. Even with the rise of DevOps, those developers more often than not are happy to collaborate with IT in the ongoing maintenance of applications; they simply don’t want to be blocked from starting on such projects. 

CIOs that encourage developers to use open source and the cloud position themselves to assume control as soon as developers move onto the next business-changing application. It may not be the kind of control they want, but it’s the reality of the modern enterprise.

Image courtesy of Shutterstock.

Facebook Comments

New

Rising

Popular