Shadow IT Series: How to Make it Work For You

IT departments are not fond of shadow IT. It causes security problems and creates weaknesses that security professionals are unaware of, and therefore cannot protect. We’ve discussed what shadow IT is and why it happens, and we’ve talked about how to assess threat levels and potential value of downloaded apps and services. Now it’s time to discuss how to make shadow IT work for your business.

Unfortunately, in today’s world of highly consumerized technology and cloud innovations, users are more and more comfortable with downloading apps and services to help them do their job at work. The only way to truly prevent it is to ensure that you have the proper systems and tools in place to ensure they don’t go looking for something else.

If you find out that an employee has turned to the shadow, you first need to find out why, but it is incredibly important that you set up a pilot IT program. As referenced in the previous article, pilot IT is when you allow employees to introduce tools into your ecosystem in a transparent way. Transparency allows you to know when employees are looking for something, and then give them options to try before committing to a vendor. Your employees will tell you what works and what doesn’t.

Once you determine, through the pilot IT program, what apps or services you want to keep, your IT team can work with the vendor to develop an enterprise-level version of the tool if it doesn’t exist. If you are at a large enough scale, talk to the vendor and get their attention. Be specific in what options or controls will help your business become a client. Let them know you’re willing to do the work, communicate with them and develop a collaboration. If the tool is really valuable, offer to be a guinea pig, test pilot or to trial features to help them extend the tool to other enterprise clients. This not only gets you the tool you need for your employees, but you are building a relationship with a vendor who may be able to help with additional tools in the future.

Once you’ve gone through this process, IT needs to deploy the new tool. Before that can happen, you need to understand your employee’s use cases. If everyone in your company needs a tool for a specific feature, but only a few people would use another tool, then it’s probably okay to remove the second tool. At the end of the day, there is a simple rule to follow: The benefit needs to exceed the frustration.

The focus should be on moving toward full utilization of a tool, but if that isn’t possible, you must make sure the core use cases are covered. If you don’t do that, then it’s a waste of time and money. A wanted tool that doesn’t work right will result in more shadow IT, which is what started this process in the first place. So study your employee use cases, survey them and ask what they like and don’t like about a tool. Make sure everything is in order before your IT team deploys the tool for everyone to use.

It is extremely important to remain vigilant with shadow IT. Employees may not understand the impact of the tools they are trying and installing, which is why vigilance and transparency are a huge piece of the puzzle. You need to ensure that your IT department can keep your business secure, which means you need to know if people are downloading and installing tools. Setting up a pilot IT program lets your employees know that you hear them, that you want to give them what they need, but you need to secure it first. Communicating with employees will help ebb their cries for help and decrease shadow IT in your business.

As a business owner, you know the importance of listening to your customers and clients about what they need. It is equally as important to do those things with your employees. Happy employees mean more efficiency, better productivity, higher retention rates, and bigger profits at the end of the day. You need your employees to keep your business going. Treat them right and they’ll return the favor!

About the Author

Pieter VanIperen, Managing Partner of PWV Consultants, leads a boutique group of industry leaders and influencers from the digital tech, security and design industries that acts as trusted technical partners for many Fortune 500 companies, high-visibility startups, universities, defense agencies, and NGOs. He is a 20-year software engineering veteran, who founded or co-founder several companies. He acts as a trusted advisor and mentor to numerous early stage startups, and has held the titles of software and software security executive, consultant and professor. His expert consulting and advisory work spans several industries in finance, media, medical tech, and defense contracting. Has also authored the highly influential precursor HAZL (jADE) programming language.

Contact us

Contact Us About Anything

Need Project Savers, Tech Debt Wranglers, Bleeding Edge Pushers?

Please drop us a note let us know how we can help. If you need help in a crunch make sure to mark your note as Urgent. If we can't help you solve your tech problem, we will help you find someone who can.

1350 Avenue of the Americas, New York City, NY