Showing all posts tagged shadow-it:

Enterprise IT Kill Switch

California has passed a law mandating kill switches for smartphones:

A kill switch is software that allows consumers to disable a phone after the device has been reported stolen and reactivate it only with a correct password or personal identification number. Proponents of the bill have argued that wide adoption of this type of antitheft technology would lead to a reduction in phone theft because it would make it more difficult for criminals to resell stolen phones.

This is all well and good, and if your phone has this functionality available, then you should definitely turn it on now. If stolen smartphones are known to be useless, it will not be worth thieves' while to steal them. Note that this works even if the technology is not perfect. If it turns out that the lock can be bypassed, but doing so is difficult or time-consuming, fences will demand more discount from thieves, making the phones less attractive.

But what is the connection with enterprise IT?

I would be willing to bet that many admins have wished that servers came with kill switches, for instance. Who hasn't had a mis-configured VM running on somebody's desktop hijack DHCP for an entire subnet, for instance? Yes, that one happened to me - although I had some choice words for the OS vendor that chose to make the DHCP server default to on…

Unfortunately, problem servers these days are often not directly under IT's control. This is infamously known as "shadow IT": business units frustrated with the pace or quality of service they get from IT go rogue and obtain service elsewhere. Gartner famously predicted that 35% of IT spending would be happening outside of the IT department's view by 2015.

Depending on your own definition of shadow IT, this prediction may seem more or less realistic. For instance, does shadow IT include rogue BYOD? The same pressures drive both, but BYOD users generally want to use company services. However, nobody can deny that a non-negligible amount of shadow IT is already taking place.

The question is what to do about it.

I got into a Twitter exchange on that very topic, starting from this blog post by the IT Skeptic, Rob England.

IT departments would love to have a "kill switch" for shadow IT. No more rogue users going off and doing their own thing! Back to the good old days of everyone going to IT on bended knee. After all, what alternative did they have - buy their own mainframe? Yeah, right!

Well, the world has changed, and now users do have alternatives. The hell of the thing, from the point of view of an IT department, is that users get better quality of IT service at home than they do at work, and this has changed their expectations at work too.

When a user goes around the IT department, that is a signpost to value that is currently not being delivered by the IT department. No matter how easy it gets to do IT, users would rather someone else were doing it. It's just that the level of effort required to do it themselves has fallen below the point where the returns are sufficient to make it worth their while.

Time was, only the most dedicated people would do the BYOD thing and bring a Mac or a laptop running Linux to work. Now, it's easy enough that pretty much anyone can do it1, and the returns are obvious. We are getting to that point with cloud services, especially SaaS.

Now, I do agree with Rob England that distributed IT is better than shadow IT. Distributed IT simply means IT that is engaged with the business, instead of skulking in their ivory tower ^W^W darkened basement. Where we differ is on how blame is apportioned.

To my way of thinking, shadow IT is an indictment of the IT department's failure to engage with the business. Users should not go rogue, but let us all recognise that there has been some long-term provocation going on. In fact, IT people are shooting themselves in both feet by not engaging with the business, because not only are they losing relevance as the users bypass them wherever possible, but they still get held responsible when something breaks or the company hits the front page of the news for all the wrong reasons.

If you are in IT, talk to your users, figure out where there are bottlenecks, and help remove them. This is no longer a "my way or the highway" world; users have any number of roads, pathways, railways, navigable rivers, gyrocopters and teleporters to get to where they need to go. You need to prove your value, not just assume that users have no choice.

The good thing is that the rewards are also significant. IT can be a differentiator, not just a cost center. Business processes today are entirely computerised, to the point that the performance of IT is the performance of the business in a very real sense. (If you doubt me, try visiting any office when the power is out or the network is down. I guarantee you that not much business is being transacted.) An engaged IT department - distributed, as Rob England puts it - can make a very visible contribution, and stop being lumped with Facilities and janitorial services.

And all you have to do is stop calling them lusers

  1. Or bribe someone else relatively cheaply, one time only. 

Why Shadow IT exists

Let me share with you a short e-mail conversation I had earlier today, which perfectly illustrates why users will do anything rather than deal with their IT department, up to and including running their own servers.

Me: Hey IT, what are the video conferencing standards we can support?
IT: Just use Lync - it's the standard!

Me: No, it's somebody else's meeting, and they asked what video conferencing standards we can support.

IT: I don't know anything about this meeting, and anyway it's up to them to send you an invitation you can accept.

Me: Agreed, and they are asking what I can accept, hence my question about which video conferencing standards we can support.

IT: * silence *

As usual, Dilbert is spot-on: I am obviously dealing with Mordac, the Preventer of Information Services.

Enterprise IT on the shelf

Cross-posted to my work blog and to Linkedin

If there has been one overarching theme of the last few years in IT, it has been the changing relationship between enterprise IT departments and the users that they support.

Users have always wanted more IT faster, and this has always driven advances in the field. Minicomputers were the shadow IT of their day, democratising access to computing that had previously been locked up in mainframes. (By the way, did you know that the mainframe is fifty years young and still going strong?)

Departments would purchase their own minicomputers to avoid having to share time on the big corporate machines with others. This new breed of machine introduced application compatibility for the first time. In other words, it was no longer necessary to program for a specific machine. Higher-level languages also made that task of programming much easier.

Microcomputers and personal desktop computers were the next step in that evolution. At this stage it became feasible for people to have their own personal machine and run their own tasks in their own time, and for a while IT departments lost much of their control. The arrival of computer networks swung the balance the other way, until the widespread adoption of mobile devices started the swing back again.

Seen in this way, cloud computing is just the latest move in a long dance. The tempo is increasing, however, and it becomes more critical to make the right moves.

One make-or-break move is the very first public one, when a company decides to shift at least some of its workloads to the public cloud. It’s important to remember that Amazon was not designed to be traditional IT and trying to treat it that way is a route to failure.


To get an idea of the sort of problems we want to avoid, here’s an example from a completely different domain. If you have ever furnished a house or a flat, the odds are good that you have wandered around IKEA, feeling lost and disoriented, and possibly having a furious argument with your significant other as well.

Assuming the shopping trip didn’t end in mayhem and disaster - and personally I always count it as a success when I get out of IKEA without either of those - you may well have bought an Expedit shelving unit. The things are ubiquitous, together with their cousins, the Billy shelving units. I should know, I own both.

The bad news is, IKEA is discontinuing the Expedit and replacing it with a slightly different unit, the Kallax. This has infuriated customers who liked being able to replace or extend their existing furniture with additional bits.

What has this got to do with IT? What IKEA has done is break backwards compatibility in their products: you can no longer just get "more of the same", and unless you are furnishing an entire new home, you will probably have to deal with both the old and the new model at the same time.

Enterprise IT departments are facing the same problem with cloud computing. They want to take advantage of the fantastic capabilities of this new model, but they need to do it without breaking the things that are working for their users today. They don’t have the luxury that startups do of engineering their entire operation from the ground up for cloud. They have a history, and all sorts of things that are built on top of that history.

On the other hand, they can’t just treat a virtual server in the public cloud as being the same as the physical blade server humming away in their datacenter. For a start, much of the advantage of the public cloud is based around a fundamentally different operating model. It has been said that servers used to be pets, given individual names, pampered and hand-reared, while in the cloud we treat them like cattle, giving them numbers and putting them down as soon as it’s convenient.

The public cloud is great, but it works best for certain workloads. On the other hand, there are plenty of workloads that are still better off running on-premises, or even (gasp!) directly on physical hardware. The trick is knowing the difference, and managing your entire IT estate that way.

This is part and parcel of BMC’s New IT: make it easy for users to get what they need, when they need it. To find out more about what BMC can do to make your cloud initiative successful, please visit