Bring your own service. Now what?
‘Shadow IT’ is a real pain in the rear for IT managers. I know it’s a pain for mine. Bring-your-own-device seemed like a good reaction to the invasion of the personal mobile device in the workplace, but it came with a catch.
People are not just using a device with some personal apps anymore. Your co-workers and you are nodes in huge, complex and uncontrollable networks formed by the social media and IT services used as private persons. The distinction between company data and personal data only exists in the sense that people are hesitant to have their personal pictures and data on company systems. No such hesitance exists for sharing company data using networks and services they are a member of as private persons.
This use is un-managed, un-monitored and completely unavoidable. Social media networks and IT services now develop faster than any company can adopt or even design policy for. Thinking this does not happen where you work is blissful ignorance. This is the specter of shadow IT: your business runs on tech you did not choose and cannot control.
Customer issues are discussed on Facebook chat and WhatsApp. Pictures of the strategic roadmap session you just hosted are on a google drive, shared through Slack, sent to private e-mail. Before you know it, you receive a LinkedIn invite to a SlideShare presentation and find yourself staring at your own slides, artfully pastiched by an impulsive colleague and shared with the world.
This genie is now out of the bottle and as an employee, you get three wishes:
- work anytime, anyplace in any device with anyone (colleague or not),
- access any and all content with your own online identity, and
- use the tools that suit your personal preference.
As an IT manager, you basically get none. All the well-known options used ‘against’ personal devices before are defensive, and ultimately ineffective.
The only way is forward. How do we make best use of this rising tide? How do we surf it for all its worth?
Step one: have clear rules of engagement
Allow lightweight adoption of new tools by large parts of your workforce that when the tools are well suited to your environment. Be upfront about what it is for: keeping in touch with each other. Be very clear about just how fire-able the offence of sharing inside or customer data is.
Step two: double down on security basics
The core information systems of the company need to be bullet proof. This allows users the benefit of their shadow IT use without endangering valuable IP. No document or content without DRM, role-based access management to all core systems, a digitally literate and security conscious user community. These are table stakes in 2016 and beyond.
Step three: Culture of responsibility and trust
The freedom of adopting and experimenting within clear boundaries fosters a culture of responsibility and trust. Work is what we say it is, and the rules are what we make of them. Welcome to 2016.
Journey into the unknown together
The time is past when people first encountered new technology in the workplace. Consumer tech now leads corporate adoption. VR will be in your sons’ room before it hits your production floor. It’s time for company IT to give up trying to lead and control developments, and be open to let the user community lead the charge into the unknown. Company IT needs to enable their colleagues to do great things with the tools that they discover and adopt while preserving the warranty and utility that the business needs from its technology and services.
Found insight here? Please recommend this article to your followers. You can also follow this blog, follow me on Twitter or find me on LinkedIn. To receive Sente articles directly to your inbox, subscribe to our mailing list!
