How to Harness Shadow IT to increase productivity: The Extra Role of Technology Leaders in Harnessing Organisational Information
In a constantly changing digital landscape, IT Managers and CIOs (and CFO’s who sit atop the IT function) must play an expanded role that goes beyond traditional responsibilities of ensuring data availability, integrity, and confidentiality. They must also seek to drive increased efficiency and productivity returns within the organisation. That means, regularly, recognising the presence and importance of Shadow IT and drawing it into the light.
Shadow IT refers to the use of information technology systems, software, and applications that are not officially approved or supported by the IT department. This article explores the importance of discovering and aiding Shadow IT, shedding light on how CIOs can effectively identify it and then help to integrate and align a diverse array of information sources with the overarching IT function.
Understanding Shadow IT:
Shadow IT is ubiquitous in modern organisations. It arises from various factors, including employees’ desire for flexibility, familiarity, accessibility, and speed in fulfilling their technology needs. Frustration with bureaucratic processes, the perception that IT is not prioritising their productivity-enhancing requests or cannot provide an appropriate toolset to satisfy their needs, each lay the groundwork for employee workarounds.
Shadow IT can manifest in the form of cloud-based collaboration tools, mobile apps, unsafe file shares, working off-network, or even hosted servers spun up by semi-skilled employees. This proliferation of unmanaged technology, however, poses significant risks and challenges, exposing data governance, security vulnerabilities, and compliance issues.
Implications of Shadow IT:
Unmanaged Shadow IT can have detrimental effects on your organisation. It can disrupt data governance practices, leading to inconsistent data quality, fragmented information across disparate datasets, and difficulties in reporting. Security vulnerabilities may arise due to unpatched software, weak access controls, or data stored in unauthorised locations. Compliance with industry regulations and data privacy laws becomes challenging, putting the organisation at risk of legal and financial consequences. Moreover, Shadow IT can hinder collaboration, create technology silos, and impede overall organisational productivity and efficiency.
Discovering Shadow IT:
By proactively seeking out Shadow IT, you can gain a more nuanced understanding of the technology landscape within your organisation. Discovery requires actively engaging with employees at many levels, listening to their technology needs and how they are addressing them (in a non-judgmental fashion) and fostering an open and transparent communication culture. Team members across the organisation must trust that by disclosing how they are using information in their departments, your response won’t be a stifling policy measure that acts against their productivity or they may opt to limit their disclosures.
The format of your discovery effort will be dictated by your organisational chart, but a typical investigation would involve one-to-one collaboration between department heads and you or a suitable senior project manager, conducting surveys with end-users (try recruiting a team member from the Marketing function, or an experienced external consultant if you don’t have IT staff members skilled at in-person surveys), workflow mapping and live observation, and leveraging tools that are geared to discover endpoints and personally identifiable information (PII) across the network (we use a combination of RapidFire Tools’ Network Detective and custom scripts to map how information is stored and traverses your network).
Aiding Shadow IT:
Why aid Shadow IT if it competes and/or conflicts with the official IT function? Because it is an opportunity for innovation and agility.
By establishing a framework for collaboration between IT and other business units, you can channel their enthusiasm for using technology to achieve their departmental missions and ensure the IT imperatives of data availability, integrity and confidentiality are satisfied at the same time.
Such a collaboration framework involves creating channels for employees to share their technology needs and ideas (not just by exchanging emails or instant messages but by frequent in-person engagements), being seen to act on ideas and development requests with appropriate timeliness and thereby fostering a culture of trust and cooperation. Developing policies and guidelines that outline the boundaries and responsibilities of other departments can help manage risks while encouraging innovation.
Integrating Shadow IT into the IT Function:
You can integrate Shadow IT by creating a comprehensive inventory of all information systems across the organisation in the earlier Discovery step. This inventory should include both officially approved systems and those currently operating outside of the IT department’s purview.
Importantly, you should view the discovery effort not as a one-off, but as something more regular, at least an annual occurrence. Your organisation’s various departments are constantly striving to achieve their individual mandates and you will, undoubtedly, discover new Shadow IT initiatives every year.
Conducting discovery at least annually also provides the opportunity to bed down organisational change management processes with regard to new IT innovation. It is via formalised, proven change management methods that innovation in one area can be deployed and supported effectively across the organisation.
Assessing the business value and alignment of Shadow IT initiatives (and providing justifiable alternatives where a current use case cannot be made safe) is crucial to determining which systems should be brought under the IT department’s umbrella and earning the ongoing trust and communication of other departments. Streamlining processes and infrastructure can help integrate Shadow IT innovations into the existing IT landscape, ensuring future compatibility, scalability, and security.
The last word …
The role of the Technology Leader has expanded to encompass not only data availability, integrity, and confidentiality but also the usefulness of information within organisations. Discovering and aiding (not eliminating) Shadow IT is a critical responsibility for you, as it enables you to gain a better understanding of the total technology landscape and align it with the overarching IT function. By embracing Shadow IT as an opportunity for innovation and agility, CIOs can integrate diverse information sources into the organisation’s technology ecosystem, ensuring compatibility, security, and scalability..
