Shadow Workforce
What we need to do is learn to work in the system, by which I mean that everybody, every team, every platform, every division, every component, is there not for individual competitive profit or recognition, but for contribution to the system as a whole on a win-win basis. – W. Edwards Deming
All those of you who have participated in a Sarbanes-Oxley audit hold up your hand? Good. Now, how many of you have been involved in documenting the processes under scrutiny by the Act? I see fewer hands up. For those of you with your hands still up, do you notice something interesting in each of these processes? Thats’s right, there’s a healthy dose of technology inside these processes – and a healthy percentage of this was developed by people who don’t work within the IT organization.
How did these applications get there? Who are these people who developed them?
Not only were these applications developed by carbon based life forms from the same star system as Core IT, but in many cases talented professionals who were formerly within Core IT did the work behind the scenes. Meet Shadow IT.
There is no possible way for IT organizations to meet all the demands of the business partners. In the world of accelerating demands for new technology, and limited and shrinking resources within IT, only the highest priority initiatives can be undertaken. In some cases only a small percentage of the demand will be adequately addressed. The rest of the demand is either begrudgingly dismissed or the business partners will find another way.
While those who perform in Shadow IT do so with much greater variability of skill than those in Core IT, the evidence of their work is in every business process. Typically the work by Shadow IT stays in place for a considerable amount of time.
It’s important to note that Shadow IT typically doesn’t follow traditional SDLC processes, comprehensive testing, or thorough investigative research on needs or range of technology solutions. At the high-end, Shadow IT will be practicing their own form of ”agile” development, and will exceed anything which IT can put forth. At the low-end, these practices are not followed and projects limp along until they either are put to sleep or put into production.
Shadow IT is not new. The work from Shadow IT is all around the corporate world. We need not be blind to Shadow IT but recognize the important role that they play in the support of technology across the enterprise. Without Shadow IT, the demand serviced by them would not be met and the organizational dysfunction would be magnified.
The controls and consistency which comes with Core IT needs to find its way into the work of Shadow IT. The broader perspective and inter-system integration from Core IT will be helpful as the applications from Shadow IT will . There is a time and place where the work of Shadow IT can and should be brought into Core IT.
This can be accomplished with a couple of key items. First, recognize the role and value of Shadow IT. Second, create the understanding that the work from Shadow IT may come back into Core IT at some point, and finally, set up the broad limits for which Shadow IT should work within – just the basics (Java vs. .NET, central data stores vs. local, etc).
Let us celebrate Shadow IT. The fingers of the Shadow IT are filling more dike holes than Core IT can ever fill.
An important perspective, Russ. Shadow IT is inevitable, important, valuable, and needs to be legitimized, and thereby brought at least partway “into the tent” as it were.
Shadow IT acting as islands can do more harm than good – or at least, there good is limited to their immediate department. Acting as part of a network of IT capabilities, shadow IT becomes an extension to the formal IT capability – a multiplier, if you will.
Bud I do think that if we are going to legitimize it, we need to come up with a better term than “Shadow IT.” Suggestions, anyone?
I completely agree with your assessment, both of the value of Shadow IT and the harm that can be done if left to their own devices. My personal belief is that we need to recognize Shadow IT for the value they provide, and legitimize it as valid way of doing business. With the legitimization comes the parameters they should work within to accelerate their benefit, and provide the guardrails to stay within the overall IT game plan.
As for the name, I’ve also heard this class of professionals referred to as “Rogue IT” but I don’t like this any better than “Shadow IT”. Are there better names out there?
Thanks for the article.
I’ll start by saying that I have been on both sides of this issue. Organizations with business needs and a potential technology solution, often resort to building solutions internally to avoid the bureaucracy of approvals through formal channels. Once a solution is in place, that same organization seeks assistance from formal IT team. As a member of a formal IT team, I recently assumed solution management responsibility for a large application deployment that started within a business. My role included the responsibility of ensuring that all of the IT concerns were addressed including security, process and procedure development, contract negotiation, and license management. According to the business customer, the effort resulted in significant business value. In a perfect world, if the formal and “shadow” IT groups had worked together from the beginning, business value would have been delivered much early in the application life-cycle.
I do not see a resolution to this issue any time soon. The “use it or lose it” budget arrangements in many organizations focuses business managers on the short-term and protecting the headcount. In these arrangements, the overall organization is not as efficient because of sub-optimization within individual businesses and departments. Additionally, as long as IT is viewed as an expense rather than a revenue generator organizations will continue to keep the formal IT teams resources constrained prevent the ability add to the bottom-line.
I agree with you whole heartedly. It seems that the structure which has evolved is, as you point out, self-reinforcing. IT budgets never seem to have enough room to cover the areas which are covered by Shadow IT, which leads to a reinforcement and growing Shadow IT. I believe these groups need to work together in ways which are mutually supporting of each other. If this can happen, and their is no practical reason why it cannot, then the enterprise greatly benefit.