When Employees Are Using Software That IT Hasn’t Approved

Executive Summary

In many organizations, front-line managers develop their own IT solutions independently of the IT function, usually because IT managed initiatives aren’t delivering solutions in time.  This can present risks for the organization, and in order to better ensure that front-line managers don’t go rogue on digital, IT functions should establish a central IT unit to manage legacy structural projects while a dedicated agile team manages digital and innovation, competing with external providers for business from the business units.  In this new role as “orchestrator” rather than “controller”, IT becomes a partner and a coach to business units, helping them to select vendors, properly design APIs, and ensure an appropriate level of security.

px photography/Getty Images

Digital transformation that starts in the CEO office often turns into a mega project that everyone has to be a part of. The trouble with this is that mega projects take a long time to deliver, and by the time they do deliver, what they provide may well be obsolete.  Meanwhile, out on the front lines, real managers need something they can use today in order to defend the business.

A recent drama at a major retailer illustrates this dilemma: A few months earlier, the VP for a declining line of business found herself struggling to find digital tools to help her acquire new customers. In desperation, she used her personal credit card to pay for a monthly subscription to a cloud-based CRM that could help her start an online campaign.

Soon enough the CIO sniffed out the project and called her in to a disciplinary council. After listening to the stern CIO chiding the VP about the security breaches her initiative had risked, the CEO asked the VP why she hadn’t simply asked the CIO for help.  The VP replied, “I asked our CIO for help months ago.”

The CIO admitted that he had been approached and explained that he had informed the VP that IT already had a project with SAP to deliver what the VP needed. “Yes, but that won’t be ready for me to use for three years, and I need something today,” retorted the VP. The CIO was silent. Then the CEO asked the VP, “I’ve known you for ten years. You don’t seem like someone who would do something to harm the company. Why did you do this?” The VP hit right back: “Since I started this digital customer acquisition program, we’ve increased revenue $1M per month. Before we were losing revenue. If you want, I can shut it down right now. What do you want me to do?”

If you don’t think this is happening in your organization, think again. You might just not know what your people are up to. Smart line managers leverage the predominant software-as-a-service (SAAS) business model to finance shadow IT projects out of operating expenses rather than the capital budget, which effectively hides them from central IT. We’ve seen executives pull out their personal credit cards to pay the bills.

In some cases, when shadow IT solutions come to light, the CIO will shut them down completely, sometimes triggering an early departure by the frustrated business unit executives involved.   That may at times be an appropriate response, but we have also seen IT adopt an open-minded approach and successfully work with the rogue unit to help secure data, standardize APIs, and ultimately assemble solutions that combine internal and external services.  In general, we lean towards the latter approach and our experience advising and researching companies facing digital transformation challenges suggests that applying the following two rules of thumb will help CIOs in a better place to anticipate and manage shadow IT projects:

  1. Identify where you need to be best in class. Then let line-of-business leaders decide whether to outsource or insource the best-in-class solutions that they need. This may result in a split IT function, where a central IT unit manages legacy structural projects while a dedicated agile team manages digital and innovation, competing with external providers for business from the business units.This flexible approach should help reduce the number of nasty IT surprises because IT will at least be part of the sourcing process for new projects.
  2. Start small everywhere else and stay out of the box. CIOs are often tempted to go for total solutions from big suppliers, but as we’ve seen this usually means they end up missing the bus. It’s worth reflecting on the fact that in many industries, the best IT solutions providers are narrowly focused on a specific problem.  We would recommend that CIOs take a similar approach – rather than try and solve a lot of problems at the same time but too late, try to fix specific problems quickly by working with specialized vendors. Working in this way you preserve the ability to swap out for new and better solutions as they materialize.

Applying these rules will transform the forward-looking part of the IT function from being the owner and controller of solution deployment to the “orchestrator” of an ecosystem of suppliers (including itself). Admittedly this adds some degree of chaos but compared to forcing rollouts of multi-year solutions that don’t really serve the business well today, this may be best choice for the immediate business needs. In this new role as “orchestrator,” IT becomes a partner and a coach to the line of business, helping them to select vendors, properly design APIs, and ensure an appropriate level of security.

Products You May Like

Articles You May Like

Principles for cloud-native architecture–what it is and how to master it
Know When It’s Too Hot to Walk Your Dog
If Facebook or Google create their own currency, they can control our lives
Five murders, six men and 16 years of stolen lives
Protesters gather in Taipei, asking ‘red media’ to leave Taiwan

Leave a Reply

Your email address will not be published. Required fields are marked *