Total Members: 4770

This community is proudly sponsored by :

Fighting Back Against Shadow IT: Part 1

Help your customers embrace cloud services to serve business stakeholders

Introduction

The term Shadow IT describes the use of IT systems, software or other solutions used inside an organization without knowledge or approval by the IT organization1[CG1]  This situation is arising because of the changing technology and services landscape. Business users are avoiding formal IT processes and procedures because their demand for technology to achieve business outcomes is outstripping an IT organization’s capacity to supply. Today, shadow IT may manifest itself through unauthorized applications, the storing and transferring of sensitive data outside of a secure network, or the spinning up of a virtual machine (VM) in an unsanctioned public cloud.

The advent of powerful and rapidly-evolving mobile devices and associated applications has given shadow IT a boost, as has the availability of cloud services. Line-of-business executives are leveraging this digital transformation to control IT spending decisions.2[CG2]  Circumventing the IT department in many cases means circumventing you as the IT provider.

While the ease of procuring cloud services has contributed to the growth of shadow IT, the solution lies in governance of its adoption and deployment throughout the organization. If properly managed, cloud services can reduce instances of shadow IT and help solve the issues around it.

In this 3-part series, we will explore ways you can empower your customer’s IT administrators to maintain the proper governance and control that they require while giving their business units the agility that they desire.

Ways you can help your customers reduce their shadow IT include:

  1. Assess the situation and make recommendations for better governance
  2. Work with the business units to understand their unique needs
  3. Help identify and cordon off their mission-critical applications
  4. Encourage them to consider hosting mission-critical applications in the cloud to free up IT staff
  5. Provide them with a list of approved cloud service providers you have established relationships with to ease their cloud adoption
  6. Help them empower development within their IT teams and business units

Working with your customers to implement these steps will help position you as a trusted cloud advisor or broker, not just with the IT department but also with the business unit leaders. Get (or keep) your seat at the table by enabling your customers to gain better oversight of cloud services and reduce the instances of shadow IT within their organizations.

First, Assess the Situation

Before outlining a solution, it is important for you to assist your customers face reality.

Many customers may say that shadow IT does not exist in their organizations. Take, for example, the actual usage of cloud services. Skyhigh Networks publishes an annual Cloud Computing Trends report. In its 2016 edition, Skyhigh reported there are 112 cloud-based tracking services used just to deliver marketing analytics, targeted advertising, and personalized experiences on the web.3[CG3]  If you need to reinforce the proliferation of these kinds of applications further, use examples of popular cloud-based applications, such as Dropbox, Evernote and Skype. As of March 2016, Dropbox had 500 million users4[CG4]  and is a business-focused service available to all corporate users. At the same time, Evernote had over 200 million users across all platforms,5[CG5]  and WhatsApp crossed the 1 billion user mark in February 2016.6[CG6]  In addition to these instances, shadow IT can also lead to the storage and transfer of sensitive data over unsecure networks, or procurement of applications via software-as-a-service (SaaS) deployment models.  

A survey done for a security technology company back in 2013 found that four out of five workers admitted to using shadow IT. Respondents indicated that the most common reasons for turning to a non-approved application were: familiarity with it, a slow IT approval process, and better suitability of the non-approved application for the task at hand.7

With today’s proliferation of cloud-based business and consumer services, the issue is only growing. Not surprisingly, IT organizations may have little insight into how much shadow IT is present. Examples like these help reinforce your message and the value you can bring to the table.

One way you can help your customers better understand the applications that are in use is to execute a survey across business units. As part of the survey, be sure to ask questions regarding the data being handled and which applications are used to process the data. Also be sure to ask about any integration points with other mission-critical applications.

Survey methodology is a basic starting point. Other measures may be required to build a

stronger business case for fighting back shadow IT. Penetration tests and audits may also be employed to identify issues with particular applications that may be in jeopardy. The findings from these approaches, along with stats that illustrate the costs associated with security

breaches and failed compliance audits, should be used to illustrate the importance to the business and the potential negative impacts to the bottom line from allowing shadow IT to continue.

While downloading a web application or using a credit card to spin up public cloud virtual machines may seek a quick and easy way to solve a problem, there are hard hidden costs to shadow IT beyond the risk of security breaches or failed compliance audits. According to a Cisco report, the hidden costs of public cloud are 4-8X higher than from a single cloud provider.8[CG7] 

The costs associated with operations and integration as well as network security rise as well.

Now that the environment has been assessed, we will examine how you can identify your customers’ mission-critical applications and what to host in the cloud in Part 2.

To learn more about Sungard Availability Services and how we help our business partners fight back against Shadow IT, visit http://channels.sungardas.com or email as.us.partnerprograms@sungardas.com.

1 Wikipedia, Shadow IT
2 Mark Samuels, ZDNet, Why there’s still a role for the CIO in the age of shadow IT, July 2016
3 Skyhigh Networks
4 Statista, Number of registered Evernote users from May 2009 to July 2016 (in millions)
5 Statista, Number of registered Dropbox users from April 2011 to March 2016 (in millions)
6 Statista, Number of monthly active WhatsApp users worldwide from April 2013 to February 2016 (in millions)
7 Frost & Sullivan, “The Hidden Truth Behind Shadow IT,” November 2013
8 Nick Earle, Cisco “Do You Know the Way to Ballylickey? Shadow IT and the CIO Dilemma” August 2015

 
Top Ten Commandments for Disaster Recovery Plannin...
Fighting Back Against Shadow IT: Part 2