Cloud vendors constantly adding new features designed to appeal to company users are helping the spread of on-demand software outside the control of the IT department.

Some software-as-a-service (SaaS) firms are open about targeting staff in the hope they start using their apps rather than those handed down by corporate IT.

Cloud-based collaboration and content management software maker Huddle recently described its use of this Dropbox effect, by which software permeates a business until it is favoured by a critical mass and the IT department has to consider incorporating it into the business’ IT estate.

Dr Will Venters, lecturer in information systems at the London School of Economics, said SaaS applications can slowly morph over time in the features they provide.

“Because they can be signed up for with petty cash and housed offsite, the CIO is going to have a very difficult job saying, ‘I’m sorry I can’t install that or I won’t allow that inside the organisation’,” Venters said.

“It becomes a kind of nonsense to say I’m going to stop everyone using Doodle to organise their meetings, unless you can prove it’s a security risk in some way or there’s some significant challenge with it, which would be hard if you’re already reliant on it for part of your organisation.

“It’s not simply about cost and such like. It’s the control of the IT strategy for the organisation that is harder to control.”

Rollout of new features

As an example, Venters cited the case of a sales director who decides to sign up for a CRM application on the desktop for the sales department. The provider of that application will continue to roll out features and new functionality and the sales director can continue to sign up for that functionality.

“But that functionality can then extend beyond the sales function,” Venters said. “For instance, it could become a social-networking tool that the sales director thinks could be really useful to roll out into research and marketing,” he said.

“So my issue then is that the strategic purchasing of IT is now being controlled by one portion of the organisation’s CXO function who was never in control of strategic IT direction or knowledge-management systems of an organisation before.”