Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Shadow IT Risk and Reward

1,229 views

Published on

Published in: Software
  • Be the first to comment

Shadow IT Risk and Reward

  1. 1. Embrace Shadow IT September 2014 Chris Haddad @cobiacomm http://blog.cobia.net/cobiacomm
  2. 2. Embrace Shadow IT • Why Teams Lean Towards Shadow Activity • Trends Impacting IT Budget and Centralized Enterprise IT Authority • The Enterprise IT Delivery Gap • Building a Common Team Mindset
  3. 3. Who is Shadow IT? Image Source: : http://www.apriso.com/blog/wp-content/uploads/2012/08/Shadow_IT_continued.jpg/
  4. 4. Who is Shadow IT? YOU - Just Follow Human Nature EGO OWNERSHIP FREEDOM Image Source: http://upload.wikimedia.org/wikipedia/commons/thumb/8/85/Aromatase_3EQM.png/1280px-Aromatase_3EQM.png
  5. 5. FREEDOM Shadow IT Teams value the freedom to • Create • Innovate • Set Development Pace and Scope • Choose Cost Structure
  6. 6. OWNERSHIP Manage and operate at your own pace under your own control. Shadow IT teams value: • Fast, iterative schedules • Low Cost Structure • Minimizing delivery hurdles – Easy to build and spin up a business solution
  7. 7. EGO: I know what I know. I am what I am. What I know is good enough to deliver business value. • Skills and Expertise • Best Practices • New – Tools – Patterns – Processes
  8. 8. Shadow IT Team View By operating independently, Shadow IT teams gain: • Immediate access to needed resources • Rapid, creative experimentation without red tape hurdles • An ability to tailor solution towards specific business requirements
  9. 9. Driving Shadow IT Growth Externalize, Consumerize, Democratize (ECD) Trend • Externalize – Capabilities sourced from outside your enterprise – Restrict to non-core business functions • Consumerize – Bring Your Own (BYO*) trend – Employees and partners expect a usable and rich user experience • Democratize – Everyone can perform task or acquire capability – Adoption hurdles removed
  10. 10. Driving Shadow IT Growth Externalize, Consumerize, and Democratize (ECD) Trend • Externalize (Cloud services) – Infrastructure: Amazon AWS – Dev Platform: WSO2 Cloud – Software: SalesForce.com • Consumerize (BYO*) – Smartphones: iPhone – File Sharing: DropBox, Flickr – Contact Lists: LinkedIn • Democratize (Lower cost/expertise) – Point and click development – Virtualization, containers
  11. 11. Are you delivering what business teams want? 80% of executives today can name a critical piece of information they need but that IT is unable to provide • Source: http://www.informationweek.com/it-leadership/gartner-2013-tech-spending-to-hit-$37-trillion/d/d-id/1106985 80% of the respondents said they used SaaS applications that had not been approved by IT • Source: http://www.computerworld.com/article/2598551/malware-vulnerabilities/shadow-cloud-services-pose-a-growing-risk- to-enterprises.html
  12. 12. Can you meet business team delivery date?
  13. 13. Shadow Solutions are within reach! Common Operating Principle: Beg for Forgiveness, Don’t Ask For Permission Source: http://upload.wikimedia.org/wikipedia/commons/thumb/2/26/Gingerbread_Cookies_1.jpg/1076px-Gingerbread_Cookies_1.jpg
  14. 14. Shadow IT Teams are Well-Funded 14 (and autonomous) 35% of enterprise IT expenditures will happen outside of the corporate IT budget in 2015. 37% of respondents say the rate of outside spending is on the rise, up from 22% last year. 21% of CIOs retain full spending authority
  15. 15. Shadow IT Team Reality • Shadow IT project funding is outside Enterprise IT oversight. • Shadow IT infrastructure selection is outside Enterprise IT oversight. • Shadow IT team resource pool has limited interaction and collaboration with Enterprise IT. • Cloud services (IaaS, PaaS, SaaS) provide compelling and useful solutions for Shadow IT with few adoption barriers
  16. 16. The Enterprise IT – Shadow IT battle 16 Dev Teams Biz Users IT I have a solution, but can’t deploy I need a quick solution for problem ‘x’ Not compliant with the policies I can fund and provide hosting. ?..#@$% CIO CFO ♬♪ 1 2 3 4
  17. 17. Shadow IT Dangers • Security holes • Non-compliance with corporate policies • Poor Quality of Service (QoS) • Hidden costs (management, monitoring, security, agility)
  18. 18. Enterprise IT Exists To Protect Against IT Danger • Deliver exceptional quality of service at scale • Enforce corporate security policies • Control cost • Reduce IT management burden • Apply team resource pool, skills, infrastructure, and tools across multiple IT projects
  19. 19. Enterprise IT Challenges when working with Shadow IT teams • Architecture • Development Lifecycle Processes • Governance • Tooling
  20. 20. Enterprise IT Goals • Embrace Shadow IT by making the right thing to do the easy thing to do for Shadow IT. • Find common ground between Shadow IT goals and Enterprise IT goals • Bridge the divide between Enterprise IT compliance and Shadow IT experimentation
  21. 21. Enterprise IT Mandate • Address barriers preventing Shadow IT from adopting Enterprise IT standards • Extend Enterprise IT solution reach across heterogeneous Shadow IT teams • Merge Enterprise IT policy with Shadow IT development and run-time environments
  22. 22. Enterprise IT Roadmap 1. Building easy to adopt Enterprise APIs [e.g. master data, business processes, identity] 2. Extend your identity management model to embrace Shadow IT development agencies and Software as a Service identity repositories 3. Add software development lifecycle processes, governance, and security models that are Shadow IT friendly 4. Offer a DevOps PaaS enabling Shadow IT development. 5. Offer approved Software as a Service, APIs, and applications via an Enterprise App Store
  23. 23. Building Block Evaluation Criteria • Provides On-demand Development Team Self-service • Fosters Team Collaboration • Adapts to multiple Governance Models • Conforms with Flexible Cost Models and Fiscal controls • Presents Project Visibility, Policy Compliance Dashboards, and Audit Trails • Establishes Enterprise Management and Monitoring across heterogeneous environments and infrastructure • Federates Identity and Access Control across multiple identity, attribute, and policy information points (PIP) • Promotes Re-use
  24. 24. Embrace Shadow IT • Understanding the Shadow IT mindset • Bridge the divide • Accelerate solution development • Empower every team to build in an enterprise-safe manner.

×