top of page

IT function is to be reinvented?

OIG3.pU12i7_zrcF4Gy9ejyA6.jpg

With latest trends in Tech world IT function in corporations faces with more challenges in segregation of duties department. As one of the outcome of that process “shadow IT” arises. All of that leads to necessity to rethink traditional IT function scope.

Now let’s talk about what “shadow IT” is and which exactly trends fertilize it?

​

Let’s start with some basics…

"I don’t need you guys, you’re very slow with all your testing, qualification and documentation. I got my guy on creation of this solution in “ABC” platform".

If this sounds familiar, then you know what “shadow IT” is. Simply speaking, it’s when business functions (Marketing, Sales, HR you name it) start to play non-specific role of IT agent, start to create IT solutions and integrate them into Company’s ecosystem.

It may happen due to various reasons. First, as mentioned above, IT must follow processes and comply with controls, so like in all big corporations, that may slow things down. Also IT must make sure about the quality of solution created, must write a set of documents capturing all the details of configuration and codebase applied. Finally, particular IT department may not have expertise enough in particular type of solution business needs at the moment.

Why “shadow IT” may be a source of inconvenience? Traditionally, it leads to segregation of duties violation when IT department stops to own IT ecosystem of corporation. Imagine situation when 50% of systems IT does cover and controls, but another 50% exist on a semi-legal basis, deployed and maintained by business users. What possibly could go wrong, right? Here are some thoughts:

  • those systems which are maintained by business might become of critical value, but since business functions have tendency to “optimize efforts”, they usually don’t want to spend much time on documentation and testing which leads to high risks of those systems disruption in case if something breaks inside and nobody knows how to deal with it;

  • at the same time due to lack of documentation those systems might be very human expertise dependent: if guy who developed it leaves the Company, there might be nobody to pick up his functions since there’s no proper documentation left or knowledge transition culture is not at a very good level;

  • those “business owned” solutions might operate with sensitive data (PII, financial or commercial sensitive etc.). In case if there’s not enough testing done, they simply could go broken and become a reason of critical data leakage;

  • “shadow IT” systems could be integrated (sometimes silently) with those which are owned by IT and contain critical information and again as in previous example due to low quality of code they could intervene into other systems processes and corrupt data.

 

What could expedite “shadow IT” cultivation?

“Shadow IT” problem exists as long as IT itself. But nowadays industry experiences additional factors which may be a reason of this concept is been even more empowered if situation is not treated in a right way.

So who’s our bad guy? Who’s a catalyst of this whole situation is coming to worse state? Among other factors, I would name… AI, cloud computing and zero coding!

And don’t get me wrong: I do support progress and see how much value those technology bring to the business and to every day life for all of us! However, all those technologies give keys to the kingdom to business users and provide them with an ability to generate IT solutions without involvement of “those geeky guys from basement floor”.

Imagine a situation when Sales and Marketing department created several accounts on cloud based ITIL tool to process business requests to, let’s say, sales data improvement or ad-hoc distribution report generation. Then those requests are being captured and processed within this tool. After that all those requests are to be published on zero coded created web-site for their business fellows. And finally, our Sales and Marketing guys decided to implement workflow automation for updating sales databases which are being supported by IT department with enriched data they got as a result of those requests and did that with zero coding RPA tool. It could look like this:

arch_example_shadow_IT.jpg

IT does not have any visibility into what happens in yellow area.

Now imagine that what is being built in this yellow area becomes really business critical and should work as reliable as Swiss clock every day, even 2 hours of downtime is not acceptable. After 6 moths of success person who configured ITI tool leaves and it turns out that there’s no documentation reflecting details of configuration done (routings of tickets, prioritization, simply there’s no credentials to admin account in ITIL tool). That’s it — business is affected since they can’t change some configuration elements, process is disrupted, everybody’s yelling on each other etc. I’ve seen that several times.

I don’t want to say that it happens every time, very often business got everything covered, but time to time such situation may occur due to lack of experience with creation of IT solutions or wrong prioritization of documentation and knowledge transition work.

And what before was a problem now may become a HUGE problem with all those “easy-to-use” IT platforms available on the market right now.

​

Time to change?

Now, if IT will continue to live in a bubble, staying in paradigm where it’s only IT department’s prerogative to engineer components of IT ecosystem, then it’s doomed to constant putting band-aid on a bullet wound, “shadow IT” will only grow stronger.

Instead of that, IT now needs to rethink its place and role within the organization. Rather than being the only guys who know how to install data base suite or write PHP script it needs to become a center of expertise for questions related to software delivery cycle, agile oriented mindset, architecture design, solutions validation approach etc. It needs to become the ambassador of new technologies which might be useful for business, which means IT teams need to spend much more time studying tech news and relises of state-of-the-art tools on the market. But the most important part — IT needs to be as close to the business as possible, team does need to understand which gaps business has, what problems it encounters. IT guys should be well known across the company and establish relationship based on trust and clear positioned expertise in certain topics.

Many companies are now going this way, much more will follow very soon, because it seems to be the only way to escape the catastrophe in the world where 1TB of data doesn’t blow away anybody anymore.

bottom of page