Despite Rising Concerns, Shadow IT Isn't That Scary

by CXOtoday News Desk    Sep 22, 2015

freeimages.comMihai Eustatiu


Shadow IT or rouge IT is no longer a secret, with the CIO being aware of his teams using the unauthorized IT services. There have been conflicts within the IT department as who is responsible for cloud computing decisions.

When the cloud services are accessed outside the purview of the IT department, the company is vulnerable for attacks and overuse that would result in cost escalation. Still, Shadow IT continues to exist. The one way out is to see how the risks can be minimized. 

“CIOs realize unauthorized cloud services are being used. They realize that with Shadow IT comes siloed information, data compliance issues and missed opportunities for bulk pricing. But how many CIOs really understand the number of cloud services being accessed, the full cost of these services over and above the sticker price their companies are being charged by the public cloud provider and the risk profile they represent—let alone have a proactive strategy for addressing these issues?” asks blogger Nick Earle in a Cisco blog.

He says IT departments estimate their companies are using an average of 51 cloud services, when the reality is that 730 cloud services are being used. “We predict that by the end of this calendar year it will be 20 times or more than 1,000 external cloud services per company,” he says.

There have been many concerns with regard to the Shadow IT, as the It department will not have a full view of the workloads on the cloud and the responsibility in time of breaches.

Ananya Das (Global head -IT & Quality), SoftAge Information Technology Limited, says: Shadow IT  leads to inconsistent approach and lack of standards in the application being developed.  Again, with so many open source applications available, it becomes difficult to control the validity, consistency and relevance of the data that is produced from these applications. A lot of time and resources get wasted in checking the integrity of the data and managing the systems .  In times of crisis and urgency, the IT team are often called in to help out. This again leads to inconsistencies and overheads in terms of cost and effort.”

One of the reasons for the prevalence of Shadow IT is the need for IT to gear up to match the speed of the delivery of products.

 How to deal with it

Sean Harris, Business Solutions Strategist in EMEA, VMware, has a solution: “There are plenty of vendors out there offering their own technical solutions to help build a private cloud. The challenge is creating the organizational structure, developing in-house skills, and implementing the processes required to run a true ITaaS organization. Most traditional IT organizations lack key skills and organizational components to do this, and IT organizations are not typically structured for this.”

“With ITaaS, technology solutions can be deployed as needed, when needed, and bill only for what is used. This allows IT to be a strategic enabler of the business—but allows users of technology services to take control of the process and work at their own speed. The idea has been discussed for more than a decade. But now Software-Defined Data Center technology (SDDC) makes it a reality,” he says.

Adding to Sean’s views is David J. Cappuccio, a managing vice president and chief of research for the Infrastructure teams at Gartner. He wrote on Gartner blog: “If IT is to respond to this form of Shadow IT they must pair with business partners and work together as part of innovation labs (often driven by the business and not IT),  Innovation labs can become the integration point where IT experience and business innovation can come together, but the focus is not as a control point, but as an enabler of change, with clear understanding on both sides of the aisle of what the potential cascade effects will be on both the business and on IT.”

While businesses know the pros and cons of Shadow IT, they are also aware that it is here and will not go away in the near future.