Most IT executives think of “shadow” IT in terms of full-fledged technology projects or business software acquisitions taking place outside the IT department but with some form of management supervision. In the last few years, though, inexpensive hardware and downloadable software have made it very easyand very temptingfor users to acquire their own technology without asking anyone’s permission at all.
One example of this phenomenon is the Mozilla Firefox browser, notes Jim Spath, technology architect at Black & Decker. “It’s easy to download and install, and many users believe it has definite advantages,” he says. Once employees start using it, developers may have to take Firefox into account every time they create a Web-based application.
Other common employee activities are downloading and installing document-sharing or portal software, or installing wireless routers to let mobile devices connect to the network. “When those things happen, no one is in control,” says Barbara Pratt, author of Own the Forest, Delegate the Trees. She reports seeing confidential information put at “frightening risk” when employees shared it using a downloaded application. On the other hand, locking down your network by blocking USB ports or preventing users from downloading any applications can wind up damaging your organization’s efficiency.
What’s the right answer? “It’s tricky,” Pratt says. “I’ve seen it addressed best by communication and negotiation. It has less to do with how IT is structured and more to do with people not realizing the consequences of doing something.”
As with all shadow IT issues, there is no one answer to do-it-yourself IT, says Tom Stocker, chief operating officer of MidTech Partners. “I don’t like it when people stick freeware in the middle of a utility, because it’s undocumented and unsupported and will cause problems down the line,” he says. “On the other hand, I’ve seen a situation where someone was stuck using an application that could not generate PDFs. An upgrade to a newer version was impossible, because that would have required moving to a new operating system that would have been incompatible with the client’s legacy software. In that instance, for that person to download and install a $39 PDF creator made perfect sense.”