Let’s Stop Calling it “Shadow” IT. No One is Hiding.

We’ve heard the terms Shadow IT and Shadow Innovation.  We’ve even seen ways to combat it.

As IT professionals and practitioners, what I think we are missing is that our end users aren’t hiding in the shadows. They’re not afraid of Corporate IT finding out that they’re using a non-sanctioned tool. They’re just trying to get their jobs done, and they don’t (usually) think they’re doing anything wrong.  This is something Brian Madden,  Jack Madden, and Dave Stafford call FUIT. Use your imagination.

FUIT is not a new problem.

2007 — A close friend goes to war against her IT department because they keep attempting to block her use of Google Talk on her work laptop. All she is trying to do is avoid SMS, primarily because her Motorola Razr has a T9 keypad (the “iluv8” and “cul8r” days).  She eventually gets a BlackBerry and started using BBM.

BYOD, BYOA, and BYON in action in 2007.  She wasn’t hiding from IT; she was at war.

2008 — A large Fortune 100 company has over 3000 rogue Macs despite the fact that they are actively trying to use NAC to block them.  Engineers proudly display them. It’s FUIT at its finest.

2011 — This same company starts their IT-only Box pilot. They don’t allow anyone else to use it, even though it is awesome, because of “security” reasons.  Their employees start adopting Dropbox, SugarSync, etc. in droves — none of which have “security” features anywhere near Box.

2013 — Another close friend uses Yahoo Instant Messenger at work (unencrypted!!!) because his IT department refuses to deploy an enterprise collaboration platform.

2014 — This same company finally start scaling their Box deployment because Box solved those “security” issues.  They’ve never seen anything virally adopted this quickly. Dropbox usage plummets.

I’m a firm believer that the traditional blocking approach leaves you blind and ultimately drives employees to wage a very public war against IT.  If you block Dropbox, for example, you would be unintentionally driving your employees to use devices and networks not under your control.  I guarantee this is happening in every Fortune 500 company, whether their IT departments want to admit it or not.  It was happening in 2007 when BYOD and Cloud and Consumerization were twinkles in marketers eyes — and probably long before that.

Instead, IT should strive to maximize security and minimize its impact on user experience.  The ideal solution is one — like Box — that meets security needs and delivers a user experience that drives viral adoption.  By offering something like this, you don’t need to block anything else, because your employees will beg you for an account.  In addition, you should use tools like Netflow and services like Skyhigh to monitor what your employees are using. Finally, you can use Device Management tools (SCCM, Casper, MobileIron, etc.) to identify the most popular apps across your fleet.

Sound off in the comments.

(Photo courtesy The IT Crowd. You should really watch that show. It’s hilarious.)


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s