Coping with “Shadow” IT
When business units spend money on technology, who’s minding the roi?
by Minda Zetlin, November 2008
Chad is employed in a large department of a huge multinational bank. His job is writing applications, but his title is database analyst—because company policy doesn’t allow non-IT departments to hire programmers. “It’s against company policy to have servers outside of IT too, but we purchased some for our department,” says Chad, who asked to be identified only by his first name.
Why would the department’s managers risk discipline or dismissal instead of going through the company’s IT department as they are mandated to do? In his experience, Chad says, that approach almost never leads to a completed project. “You have two huge departments: our department and IT. Both want to do it their own way, and it never ends up getting done either way.”
Chad and his colleagues not only write applications but provide day-to-day maintenance for the department’s equipment and manage more than 20,000 databases, he reports. “If the IT department realized the amount of programming that goes on outside of IT, there’d be much more effort to stop it. They don’t have a grasp of it, and I don’t think anyone is volunteering to tell them.” Meanwhile, he says, his department is in the process of hiring another programmer.
Chad works in the world of “shadow” IT—in which business unit managers or others within an organization procure their own technology without the assistance or supervision of the IT department. It’s a widespread phenomenon. “I’ve worked with many different organizations, and they pretty much all have shadow IT,” reports Barbara Pratt, president of Project Leadership Gold, a project management consulting firm, and author of Own the Forest, Delegate the Trees. “Even when centralized IT has almost everything under its umbrella, there will always be business areas, particularly marketing and sales, that will keep trying to build their own IT to bring their ideas more rapidly to market.” According to 2008 Book of Numbers research by benchmarker and strategic discovery firm the Hackett Group, a third of all typical companies find that 10 percent or more of their total IT spending is outside of the IT department budget—in the realm of shadow IT.
12 Incompatible Apps
That can present a problem for the IT department, the organization at large, and sometimes even the company’s customers. “There’s a new type of application called electronic medical records, or EMR, that healthcare organizations are excited about because patient records have traditionally been pieces of paper stored in the basement,” says Tom Stocker, chief operating officer of IT integration firm MidTech Partners. “We have one client hospital that has 12 different competing EMR applications throughout its organization. Oncology decided they needed one, Radiology needed one, Pathology needed one, and so on. Now they have a problem, because they can’t easily synchronize a patient’s health record among departments.” That can be bad for patients, because important information about their treatments and needs may not get communicated, he notes.
Even when customers are not directly affected, shadow IT can increase costs and reduce efficiency for IT departments. “The work of getting a shadow IT project in place mostly falls outside the central IT budget. The work of maintaining it, though, often comes back to central IT,” notes Pratt. “The IT department is now responsible for maintaining all these unfamiliar things that were built without its influence and were not created so as to make maintenance cost effective.” There are also opportunity costs because a central IT department is now less able to use economies of scale to make its work more efficient or to acquire hardware or software at a bulk rate discount.
Costs can multiply when IT sets out to upgrade systems or make other changes, she adds. “If you have to change a business process, for instance, the marketing department may have its own version of the process, and so may various other departments. When this happens, if we want to roll out a new system, we have to do five different versions instead of one. It increases the workload every time.”