The meeting invitation was terse:

“Over the course of the last several months, I have become aware of several intranet sites being built in Google Sites instead of the Corporate Approved SharePoint platform. You have been invited to this meeting because you are the author of one of those sites.” – The CIO

It seems like it has been a battle that has been raging since the beginning of time…or at least since the dawn of the computer age decades ago. On one side is Corporate IT, blessed by the Board to be the protector of all things good. Corporate soldiers building the systems that keep the business alive. On the other side, business units who are bent on destroying the business by building tools to undermine the pillars of Governance, Risk and Compliance. Nefarious rogues who are trying to do their jobs (and the job of IT).

OK, admittedly, that’s a little tongue in cheek, but be honest, there were some of you out there reading that paragraph, pumping your fist and yelling, “Yeah! Yeah! You’re right!!”

Shadow IT. It started with “End User Reporting Tools”, grew larger with dBase and Access, and has exploded with the Consumerization of IT. I blame it on the PC. Prior to the 1980’s, the mainframe was locked behind the doors of the data center, in its climate-controlled environment. Access to its power was granted to only a select few. The PC broke down those castle walls.

A couple years ago I wrote a blog series for Intel’s IT Peer Network titled “The CIO is Dead! Long Live the CIO”. This series is an examination of the challenges that have converged on the CIO and how the CIO needs to evolve to meet them. Many of those challenges: social media, consumerization, appification, are what led me to embrace Shadow IT.

I don’t even know that I was aware of my shift as it was happening. It began as I would challenge my team to think about why this department or that department was breaking process and building or buying their own solution. “They aren’t doing it out of spite,” I would say. They were doing it to get their job done. More than likely it was indicative of our failure to meet their needs.

The room was unusually quiet. The CIO greeted each person as they arrived. Yet, the group exchanged few pleasantries.

“As the meeting invitation stated, I have noticed more and more Google Sites being created and used throughout the organization. Each of you, I believe, have authored at least one of those sites. We have a corporate standard for our Intranet. I’d like to know why you chose not to follow the corporate standard and instead used a different platform.”

The room was silent. Several stole furtive glances at each other. Finally, someone said, “well, Joe in IT knew we were doing it, he even linked from the SharePoint intranet to the Google Site.”

That broke the ice.

“It was easier.”

“IT is always so backed up, we couldn’t wait.”

“We didn’t want to bother anyone.”

I finally interrupted the “confessional” and told them I thought it was GREAT and in fact, I wanted their help to promote adoption throughout the organization so we could retire the old platform entirely.

The conversation then took an interesting turn. As the group began discussing ways to introduce the skills and the platform to other departments, someone raised the point that all the sites looked different. I said, “well, that’s ok, isn’t it?” One of the people from marketing said, “Marketing thinks there should be consistency.” Somebody else said, “There should be a main landing page, too”. Another person stated, “I need to be able to share our information with employees who do not have a corporate email address, can I just turn on the ‘Public’ setting so anyone can get to it?” The guy from the risk department jumped in and said, “you can’t do that, then anyone can get to it, that’s not secure.”

I was fascinated to watch as the team developed their own set of guidelines, preferences, and controls. IT didn’t need to dictate command and control. The team took it upon themselves to put “rails” around the project. During that first meeting, two key ingredients to harnessing the power of Shadow IT occurred to me: constraints and trust.

Identify the constraints

Several years ago, I was CIO for a commercial real estate developer. We built office buildings. As we leased space within the building, the tenants were given an allowance for tenant Improvements — customizations they could make to their space to make it their own. However, it wasn’t the wild-wild west, they couldn’t make any change they wanted, there were constraints: they couldn’t modify the shell or skin of the building, the restrooms had to be in the same location on every floor, the elevator and utility risers had to be in the same location, and they had to work within the budget.

In the story above, the team defined the constraints. However, whether they realized it or not, I had already defined the constraints — I just let them get right up to the edge. I was not, for example, going to let information that should be secured onto a site that was marked public.

Trust but Verify

The other ingredient to a successful Shadow IT initiative is to set up a process to verify the content or application being built outside of IT. The modern business intelligence company, Domo, does an outstanding job of this. Their whole go-to-market strategy is to enable the power of Business Intelligence to be put in the hands of the business professional. To prove the strategy works, they “eat their own dog food” and run their business using their own product.

The CEO, Josh James, knew he needed to be able to trust the dashboards he was seeing, no matter who in his company authored them. He established a new role within the company called “Major Domo.” The first Major Domo, Tyson Lewis, established a set of 12 criteria that a new metric, referred to as a card in Domo-speak, had to pass before it could be “Major Domo Certified”. James and the other business leaders knew they could trust the data they were using to manage the business because it had been verified.

The battle with Shadow IT is over. Shadow IT has won. Consumerization of IT, cloud computing, and other advances have wrested control out of the hands of the CIO and put it in the hands of the business users — where it belongs.

So, if you can’t beat ‘em, join ‘em! Embrace Shadow IT.

About the Author:

Tag/s:Digital Era,