‘Shadow’ Spending and Its Impact on the Cloud

Lack of appropriate skill sets and other factors drive some “shadow IT” cloud projects back into IT ownership. Still, cloud deployments outside the purview of IT continue to rise.

In enterprises with more than 1,000 employees, for example, nearly a quarter of cloud spending (23%) currently comes from outside IT, according to a 2014 IDG Enterprise Cloud Computing Study. And that figure is expected to grow five percentage points over the next three years.

What does this trend mean for future cloud successes?

Non-IT cloud spending in larger enterprises comes primarily from line-of-business management (35%) – from those who see an opportunity to innovate and don’t want to wait for IT to start reaping the benefits. So it’s in the best interest of the organization for IT to conduct some detective work to learn what is fueling decisions to circumvent IT to procure cloud services.

Once IT understands these reasons, it can get its house in order to successfully deliver what’s needed on its own, removing the motivation for departments to venture out on their own. After all, despite growth in non-IT cloud spending, the lion’s share of cloud investments still comes from IT.

Shadow IT does serve a purpose, and that is to push the organization forward when IT gets mired in the daily operational grind of maintaining the status quo. However, it is ultimately messier for IT to properly manage cloud projects when they originated outside of IT. The reasons are that shadow procurement:

• Is usually more costly.  Duplicate subscriptions and services that don’t receive the benefit of volume discounts could be rampant throughout the company.
• Can degrade app performance. The corporate Internet connection could get clogged with cloud traffic. Cloud use depends on network access. If IT doesn’t account is in the dark about cloud services and doesn’t account for them in its capacity planning, network pipes can fill up fast.
• Can increase your vulnerability to hacks. Shadow IT services aren’t connected to your core directory structure. And users are prone to reusing their existing credentials with the new, non-IT-sanctioned service for the sake of convenience. Identical credentials to your core directory, then, can get loose in other systems, and that simply makes the risk of security breaches greater. IT can’t manage these credentials because it doesn’t know about them.

Try to view shadow IT for what it is: a sign that IT can be doing something different, better, or more. Find out what that something is and do it. You’ll save money, help users stay productive, and reduce risks. And you’ll keep IT relevant in an era where it’s easy for anyone in the company to procure IT services on their own.