The Register almost gets it. I don’t blame them, really. You can’t change the world overnight and articles about IT engaging the business mostly reflect the IT world as it is. It’s no surprise they fall short when it comes to the part about how things ought to be. I do like the article because it does actually give the users some credit where due but it suffers from “IT is Important-itis”. To wit, in an expository on Infrastructure as Code:
“It’s a lovely idea, but only if you have guidelines in place to stop devs littering your infrastructure with zombie VMs and chewing their way through your storage capacity with poorly-thought-out API calls.”
Um, it’s not your storage capacity. It’s the Business’ storage, you’re just administering it, jackass. Those littering devs are increasingly hired by the business directly.
“If you’re an Amazon Web Services house, you don’t necessarily want your developers spinning up services on the competing Microsoft Azure just because they have a preference for, or more experience with, that particular technology stack or service…”
Sure. For example, we wouldn’t want our Marketing team to work in InDesign or Illustrator when MS Paint is so much cheaper for our shop. Some of the users prefer to have an Android phone; that makes no sense when we have so many flip phones lying around to distribute. And another thing…we just replaced all those expensive laptops with Chromebooks. The CEO’s assistant had the nerve to complain about it…can you believe that?
The sad part is that they get so much right with this gem of an article, especially early on in the setup:
Discipline in cloud-based resource procurement breaks down into three broad areas:
-
Making sure your users aren’t buying the wrong stuff
-
Making sure that you’re buying the right stuff
-
Giving people what they need in a controlled way (which may not mean giving them what they want).
As usual, it starts out great and tails off with another root cause fail. It sounds roughly good without context but it’s a dishonest progression. The whole point of shadow IT is that the business is finding solutions to problems IT is incapable of helping them resolve. So by definition your users have already found the right stuff without you. Now you get to play catch-up. That second bullet should really be front and center because “making sure that you’re buying the right stuff” means requirements gathering and matching solutions to the actual needs. Since we didn’t do that in the first place, the business went the shadow IT route. Finally, isn’t “not giving them what they want” kind of the point the users were making?
The whole thing strikes me as another example of “oh no, we’re losing our historically total control over IT decisions because the users are getting smarter, how can we keep the Iron Throne” whinge. At least there’s still some self awareness to be found:
“Discovering and understanding some of the unmet employee needs can help to reduce the risks associated with unsanctioned filesharing,” he said.
IT guys: that means talking to your users, or getting someone else more tolerant to do it, so that the IT department can understand why they are fleeing to third parties, and then give them something better.
When we can safely presume the folks in IT are incapable of having the most important conversations with the business, there’s not much hope for changing the state of affairs. Viva la Shadow IT!