Shadow IT has been defined by George Spafford in his article titled The Dangers that Lurk Behind Shadow IT as:

…groups providing information technology solutions outside of the formal IT organization. Their existence is due to groups thinking they can do things cheaper and/or better than the formal IT group.Also, it may be that the formal group can’t meet their service requirements or the formal group is forced to develop generic applications in an attempt to meet the needs of everyone and controlling costs versus customizing applications to meet the needs of business units.

Shadow IT is a serious problem in business, not just for IT groups, but for all segments of an organization. The causes of Shadow IT, in my experience, have been due in large part to senior leadership not understanding the value of their IT group.

Another cause of the Shadow IT problem has to do with those IT groups that don’t solicit input from the business users as to what the business needs are. This one of the major factors in the creation of Shadow IT within most organizations.

If asked, most people can describe more than a few ‘horror stories’ about their troubles with IT Personally, I’ve had quite a number of run-ins with IT groups that have left me wondering who they really worked for….our organization or our competitor. A few examples:

  • The IT department of a very large wireless telecom company had very strict guidelines about the types of computers that were allowed on their network. A policy of this nature is understandable if the business needs of the company are considered prior to implementing this policy. Engineers, working with their managers, approached IT to ask that a new type of machine be supported so that they could run their engineering software. The request was denied by IT since they only reviewed new computers at the end of the Fiscal year. As it turns out, engineers within this company had to buy, install and support an entire ‘shadow’ network of computers in order to run the software that they needed to run (the software required very high-performance computers).
  • When users within an office of a very large contract manufacturing company needed IT support, they were not able to contact the local IT person who worked with them in the same building, but were required to call a toll-free number that was routed to an IT helpdesk. The helpdesk would then log a ticket and try to help the user, which invariably didn’t resolve the problem. The user would then be told that the local IT rep would be assigned the ticket. After what was usually at least an hour of dealing with the outsourced IT staff, the user would finally be allowed to talk to the local IT rep who would then fix their problem within a few minutes. Eventually, the staff began to ignore the IT helpdesk completely and would resolve their own problems and would even call in an outside IT support person from the local computer store to fix their problems.
  • One of the best examples of Shadow IT occurred at one of my previous employers. Our IT department was outsourced to a large IT firm, who was very responsive to our needs…for the most part. The contract with the IT firm had been negotiated and agreed to without any input from the actual users or departments that would be supported. Since the group that I managed was a software support group, we had a need for quite a number of different computers with different configurations, but none of this information was ever captured in the contract. When it came time to get a few more computers to match the configuration of our new clients’ PC’s, were were told that the contract didn’t allow it and despite my efforts, we were never able to get new PC’s through the IT group…we had to purchase them ourselves and support them ourselves. Shadow IT at its finest.

How do we solve the Shadow IT problem? Mike Schaffner over at Beyond Blinking Lights and Acronyms has a few ideas. In a post titled Shadow IT Revisited, he writes:

The bottom line is we have to figure out a way to provide needed user services while meeting the legitimate IT concerns or the users will by-pass IT and do it on their own.

Mike is right. IT needs to be able to provide services to the business that force the business to never have to think about IT…don’t give IT users the opportunity or reason to look outside of the IT group for support. In other words, provide top-notch support to the business. This may require additional costs in adding headcount, but it might be something to consider if a good portion of the IT groups’ time is spent fighting Shadow IT issues.

Another way to solve the Shadow IT problem is for IT groups and senior leadership to understand the value that the IT group can provide to the organization. IT can do so much more than ‘support computers’…they can provide a strategic advantage as well.

Mike’s post, which describes an article titled “Users Who Know Too Much (And the CIOs Who Fear Them)” on provides a great overview of how to solve the Shadow IT problem and is definitely worth jumping over and reading the article and Mike’s post.

PS – Mike has another good post titled “IT Needs to Become more like Shadow IT” in which Mike describes more ideas for resolving the Shadow IT problem.

[tags] IT, Information Technology, Shadow IT, Strategic use of IT [/tags]