You cannot win the game of restricting end-user IT against business people with credit cards and expense accounts. The only winning move is not to play. A strange game. The only winning move is not to play. How about a nice game of chess? – Joshua/WOPR – War Games I wrote several months ago about rogue IT and how to work with users who sign up for cloud-based solutions without working with you in IT. This still seems true to me, but it may be a little more complicated and a little more contentious than it needs to be. SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe I’ve continued to think about end-user IT since then and have simplified my approach to it into six words: Ban it. Embrace it. Replace it. Ban it. If there is a security issue with what the user is doing, it remains your responsibility as an IT professional to explain the situation and then to compel the user to stop violating security. Full stop. No arguments permitted that it is “just a little” confidential information or just a “tiny amount” of credit card data. Take it all the way to the CEO and to the Audit Committee if you have to, but you have a responsibility that does not go away because a user wants something different than what you offer. (If you have to go as far as the Audit Committee, you might want to update your resume since your beliefs and the organization’s beliefs regarding security would appear to differ materially.) Embrace it. If the user has a legitimate business need that you have not met, and there is no security concern, swallow your pride and embrace the solution. Train the users, take responsibility for delivering the solution to your typical service levels, get your standard language into the contract (if possible), and make that capability a part of what you provide to the company. You will gain an ally and avoid being the excuse for work not getting done. Replace it. Whether you have first had to ban it or whether you first embraced it, if the solution is not the final one you want to offer, then replace it with the right one. For example, if people need shared white board capabilities, and you first embraced a point-to-point solution on their iPads, it is perfectly acceptable to supersede that with one that also works on laptops. You need to be sure that the replacement solution is as robust as the previous one and you will need to provide training in the transition, but you still are permitted to enhance your formal service offerings. You cannot win the game of restricting end-user IT against business people with credit cards and expense accounts by crossing swords with them. Try a nice game of chess with them, or if you are feeling combative, grab a basketball and play some one-on-one. The best way to win is not to play the game. Related content opinion Bad beginnings have bad endings If you get off to a bad start on a project, you may never be able to recover. By Paul T. Cottey Oct 03, 2019 6 mins IT Strategy IT Leadership opinion How was your telecation? The point of a vacation is not to work less, but to not work. By Paul T. Cottey Jul 08, 2019 5 mins IT Leadership opinion There's a new sheriff in town The challenge as a senior IT leader in an M&A situation is that the new operating rules are unlikely to be communicated clearly, if they are even communicated at all. By Paul T. Cottey Jan 28, 2019 4 mins CFO C-Suite Technology Industry opinion Look at me! Some employees are happy being unhappy and can be quite vocal about it. Sometimes, however, attention-seeking behavior is masking something else entirely. Itu2019s your job as a manager to figure out which is whichu2026and what to do about it. By Paul T. Cottey Nov 16, 2018 5 mins IT Leadership Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe