Leadership

Control shadow IT in your organization

When renegade departments install new apps or programs without the IT department's knowledge or consent, IT managers can be left with a messy network situation. Read how TechRepublic members manage the problem of shadow IT.

When departments other than IT set up their own IT systems or applications, they can place an extra burden on IT personnel who may already be stretched thin, such as Help Desk folks and network administrators. The people who create this “shadow IT” problem don’t understand that in order to effectively troubleshoot problems, control performance, and plan for necessary capacity, the IT department needs to understand every element of the data communication process throughout the network.

In a recent IT Manager NetNote, I asked if any members had encountered shadow IT in their organizations and, if so, how they managed it. From the mail I received, it appears that shadow IT is a common problem, and one that can have far-reaching consequences.

Member greenem7 describes one situation in which her company hired a contractor to do some specialty projects for a particular department. His work was so good that, when his original contract was up, he was hired directly into the department.

“Before we knew it, he was developing projects and using tools not approved for company use, which the IT team would eventually end up maintaining,” greenem7 said, adding, “For IT, it was extremely frustrating because he became the ‘can do’ guy, while he circumvented the usual IT request and project standards.”

Member marti.a.mack experienced something similar. In her case, the contractor went away but left behind applications that required IT maintenance. “The applications usually didn’t utilize standard third-party software, nor were they developed with a standard methodology.”

I also heard from several members who maintain that shadow IT is a huge issue in medical environments. With the development of departmental information systems like Radiology IS and Laboratory IS, it’s typical for vendors to sell their systems directly to the department and bypass IT.

In response to this trend, lpopove says the IT team adopted an Information Management Strategic Plan, which called for centralizing IT functions within the organization. Lpopove concedes, however, that adopting a plan and implementing it are two different things. Lpopove’s department took a constructive approach by pointing out where it can do a better job and save money. “In effect, we’re explaining to the director of Radiology, for example, that none of us in IT would make very good Radiology techs, and Radiology techs shouldn’t be doing network support,” Lpopove said.

Member Greg_Law took another approach in the hospital where he works as IT manager. This medical center had clinical departments in which IS was managed by clinical staff. The departments’ reasoning was that someone would have to understand the workflow in order to effectively administer their databases. Since the departmental database administrators were technical folks, the CIO created an expense budget that absorbed the clinical departmental database administrators’ salaries and moved them into the IT shop. This turned out to be a win/win situation, according to Greg.

“The clinical departments had service expectations and techies supporting their hardware, which resulted in improved availability. They still had a clinical departmental database administrator looking after their specific interests, and the hospital saved money by eliminating questionable expenditures and centralizing the resources.”

If it’s not feasible to absorb the personnel cost, member John Nooten recommends having a departmental liaison to plan and manage the technology needs of each group. “This would give each group a better line of communication with IT and more say in their own destiny,” which would discourage their breaking away and doing things on their own.

An IT department could go crazy trying to support products they don’t know about. And just as bad, says Nooten, is trying to support a desktop or OS that’s running software and OS configurations that are not familiar.

Nooten adds, “Renegade groups tend to do whatever they want. New applications implemented on a network without consideration for network impact can do everything from cause intermittent performance problems to bring a whole network to a grinding halt in the middle of critical business transaction processing.”

He does concede, however, that there will be groups of employees that have a serious business need for a few specific products. His solution is to set up a standard OS install with the standard corporate desktop products on top of that. That becomes the standard image for each hardware platform, which lets IT have automated installs for those special products.

When a user has problems, and IT can't quickly resolve them, you can get the other users back up and running on the standard workstation image very quickly, then work with that user on his/her add-on programs. “Software distribution improves things a bit. You have an easier time being able to do a lot from a central location. You still need to have strict hardware standards, and for every different OS or basic OS image, you need to have different distribution packages created. It’s easier, though, because you can create the install packages centrally, reducing required worker power and speeding the install process for the users,” says Nooten.

 

About

Toni Bowers is Managing Editor of TechRepublic and is the award-winning blogger of the Career Management blog. She has edited newsletters, books, and web sites pertaining to software, IT career, and IT management issues.

0 comments