How to eliminate enterprise shadow IT

Don’t try to find shadow IT and govern it; instead, out-compete it with DevOps.

shadowy figure reaching out from behind transparent wall
Thinkstock

Gartner studies have found that shadow IT is 30 to 40 percent of IT spending in large enterprises, and our research at Everest Group finds it comprises 50 percent or more. Either way, I believe these statistics are an understatement of the shadow IT ecosystem — spending on IT that doesn’t go through the sanctioned enterprise IT shared service function. It’s a big issue, and increasingly complicated. Historically, the increase in complexities, the need for greater security or the need to operate at enterprise-wide scale drove shadow IT out of departments and into the administration of the IT group. That’s no longer the case; thanks to SaaS and cloud products/services, shadow IT can now operate securely at scale. So how can a CIO address the risks and expense of shadow IT?

Users subscribe to many IT services that don’t go through the enterprise IT shared services budget, and enterprise IT doesn’t make the decisions for administering it. Shadow IT includes purchases of SaaS (like Salesforce), AWS cloud and colocation, or Rackspace. It’s also the teams of people hired by the business (but not put into corporate IT) who do development and application support or PC support.

The emergence of cloud or digital disruptive technologies has delayed or further aggravated the problem. A few years ago, corporate IT could find a server under someone’s desk and take that workload into the data center when it became troublesome to maintain it. But today, AWS can scale bigger than the corporate data center. And SaaS products scale and represent that they can handle the security and the controls that are required at scale at an enterprise level. So once more, business users can postpone or keep IT functions outside the IT shared services function.

To eliminate the problem of shadow IT, we need to start with what causes it to occur in the first place. Simply put, it comes down to enterprise IT not serving business needs well enough. Typically, the IT group is too slow or not responsive for the appetite of business users, too costly and doesn’t align well with the business needs. IT focuses on functional costs per unit as the value it delivers; but the business cares more about gaining quick functionality and capability to serve its needs. Enterprise IT simply doesn’t operate at the speed of business. So, the business users build their own functionalities and capabilities through shadow IT purchases.

If you’re a CIO who wants to address the problem of shadow IT — and be more relevant to the business — you must recognize that your IT group needs to perform better than shadow IT.

Silicon Valley and other startup communities are great examples of how to deal with this issue. They develop functionality at speed through DevOps pods. And they come to the market with a born-in-the-cloud elastic orientation.

I advise CIOs to re-conceive IT by establishing a DevOps cross-functional team that aligns to the business needs instead of IT functions. This strategy would have a cloud stack, a SaaS stack and an automated test environment. The talent would be a small, cross-functional team that deeply understands the business and can deliver functionality at speed by either snapping together SaaS and/or doing integration and development at the speed of business.

Can DevOps teams scale? Yes. DevOps teams at Google, Facebook and Microsoft Azure are building and running the world’s largest technology implementations.

Interestingly, in companies that insert DevOps teams into their operations, we’re seeing massive improvements in business impact, speed and worker productivity that completely out-compete shadow IT and shared services.

I’m not calling for the end of IT shared services. But I am calling for an alternative to shadow IT. I think inevitably as organizations adopt DevOps throughout the enterprise, they will be able to out-compete shadow IT for speed and alignment. In that way, the CIO and IT group can offer the business something that meets their needs even better than shadow IT.

Caution: you cannot achieve this result by implementing DevOps principles into a shared services organization. The organization simply cannot move fast enough or be close enough to the business to meet business users’ needs. Instead, set up a separate DevOps service for each business department or user/stakeholder group. And then just out-compete shadow IT to death.

This article is published as part of the IDG Contributor Network. Want to Join?

NEW! Download the Fall 2018 digital issue of CIO