Do you have shadow IT in your organization?

When I started working as a system administrator over 20 years ago, I worked for a central IT department at a remote facility for our company. Four of us managed a network of 1,000 nodes, with multiple servers under a boss that decreed we needed to respond quickly and effectively to requests made by clients. They came to us often, expecting results, and we delivered. I assumed all IT groups worked like this. Almost a year later I worked at another facility and was quite surprised to find a different situation.

In the other location there were also four people and 1,000 nodes, but the IT group only managed around three quarters of those nodes. Different groups had their own servers and applications they managed. There were machines under desks in one department, where the desk’s owner was tasked with working half his time on department work, and half his time on technology issues. I only found out about this when one of them asked me how to solve a few problems; I then realized he was managing his own IT services for his group.

Shadow IT is still around, and in some cases it’s growing. That can be a problem, not only for IT staffs who have less demand for services, and thus staff, but also for the security and data integrity of an organization. Someone managing IT operations part time may not understand the security or data issues they create, face, or just may not have time to deal with. They also won’t necessarily have the experience to work efficiently and effectively on administrative needs, though I know a central IT staff will necessarily do a better job.

As a data professional I get concerned about Shadow IT groups, which might hoard their data, or even keep around data that’s gotten stale. I worry they’ll lose systems and then come to me for a solution to recover the data, often without having managed backups. Most importantly, I worry they’ll make a mistake, cause a business problem, and not only will I need to clean up the mess, I’ll share in the blame for not helping them build something they needed in the first place.

Shadow IT is usually the result of a non-responsive central group. I’ve always made it a point to try and help people get the tools they need to work. Sometimes blanket policies prevent this from happening, but by making friends I can usually get Shadow IT people to consult with me and listen to suggestions and ideas. It isn’t perfect, but if I can get them to make regular backups, it’s a win.

Steve Jones

The Voice of the DBA Podcasts

We publish three versions of the podcast each day for you to enjoy.