Shadow IT: fight it, embrace it, or adapt to it?

Shadow IT-should you fight it or embrace it? Neither. Instead, start meeting the demands and pressures that created it in the first place.

“Create relationships in the organization so people come and talk to you about what they need. If IT isn't embracing the business and building relationships, people avoid IT.”

—Tony Young, CIO of Informatica

Shadow IT can be the personal iPhones that salespeople use to access a cloud-based CRM application from the road. It can be an extra test server developers secretly plugged in under a desk. It can be a cloud-based service that a department is quietly funding on its own. No matter what form shadow IT takes, it is there for one reason: employees are not getting the IT services they want.

How do you handle shadow IT? Do you ban everything that does not get the CIO's official stamp of approval? Or do you capitulate with a "let people do what they want" attitude? The successful CIO does neither—at least, not all the time. Instead, adapt your IT business model to meet the changing demands that lead to unauthorized IT in your enterprise.

Shadow IT: good and bad

Shadow IT is done for reasons both good and bad. If secret technology was installed for a good reason, embrace it. It is usually installed if IT didn't have the time or resources to deliver a solution to meet an immediate business demand. But shadow IT does not always support the business. In that case, you need to fight it. Some common bad reasons for shadow IT include a department believing it operates in a different way than the rest of the organization, or a few employees preferring one product over the standardized, vetted solution.

"The CIO has the responsibility to make sure business units understand the pitfalls," says Tony Young, CIO of Informatica. "When you are managing an enterprise, there is risk—you see things other functions may not understand, like compliance issues and security. What happens when a server running something integral to the business is just sitting under someone's desk? There is a lot of data on these systems that is valuable to the rest of the enterprise, but it is separated from everything else," he says.

Take a proactive approach

The best way to avoid shadow IT is to transform your IT business model. Stop thinking of IT as just another department in your company. Instead, turn IT into a business consultant whose client is your company. This new model needs to recognize that your business counterparts are increasingly tech-savvy and often know exactly what they want from IT.

"Conduct one-on-one meetings with business sponsors around your organization to ensure you are doing the right thing. Create relationships in the organization so people come and talk to you about what they need," suggests Young. "If IT isn't embracing the business and building relationships, people avoid IT."

A cultural shift this big needs to start with the CIO. You must lead by example, proactively forming relationships with people across the business and understanding their objectives. Then IT can either accommodate their requests within the existing infrastructure or guide users toward an alternate, satisfying solution. This might not completely eradicate shadow IT, but it should solve many of the problems that lead to it.


Related content



UPMC used a collection of Informatica products to improve research outcomes in the quest to cure various diseases


Hybrid IT: The crossroads of agility and governance

Don’t sacrifice the needs of the business by discarding a centralized IT model if governance and security are among your organizing principles.


Take the leap into big data

Use big data to shape the future of your company. Because if you do not, your successor will.


How CIOs can integrate those who embrace-and avoid-BYOD

Younger generations expect the always-on benefits of mobile technology, but other employees may not. It’s up to the CIO to bridge the gap.