Shadow IT goes home: How to reduce the risk

As workers were forced home due to the COVID-19 crisis, the potential for shadow IT went with them to their remote offices. However, it doesn't need pose a risk. In fact, it could prove to be an asset.

A man using a mobile phone in shadow against a bright wall
Warren Wong (CC0)

Look back 20 years and IT was responsible for sourcing, licensing configuratng and managing all workplace technology. PCs were kept secure by locking them down to the point where only approved apps and features were availalbe and Active Directory’s group policies allowed fine-grained control over the entire PC experience. The only software allowed was what IT provided and managed. Access to large parts of the web, including social media, was blocked and there was no expectation that users would be able to (or want to ) use their PCs at work to access personal data, including private email accounts. 

IT was often called the department of "no" because that was often the response when asked if this application or piece of hardware could be added. If something needed to be installed, it generally involved an IT staffer coming to your desk, relieving you of your PC for a time while applications were installed or it would be installed automatically overnight without any notice or explanation. With no control over applications, content or web access, most employees weren't able to upset the apple cart and few tried. 

[ Free download: Mobile management vendors compared ]

Then the iPhone began to rewrite the rules of enterprise computing. Workers began to find apps or cloud services that helped them accomplish work tasks and install them on their mobile devices without any say from IT. At this point, IT had little response other than blocking those devices from accessing corporate Wi-Fi, which itself was a paper tiger because connectivity came with the device.

At the same time, cloud services were becoming a greater influence both at work and at home. With noncorporate devices came free access to services that could now be purchased for a small ad hoc team or entire division. 

This is shadow IT --  employees and executives working out their own personal set of tools for what they need to accomplish. If IT balked at something, it didn't really matter because there were ways around anything IT said or did. In larger enterprises, with networks of users, IT-like help and troubleshooting sprang up.

Related: Is Apple's iCloud Folder Sharing a shadow IT problem? ]

It began to look like IT had become an utility. It kept the lights on but wasn’t a needed partner or equal in terms of decision making. Perhaps the defining moment was when Apple announced its mobile device management (MDM) capabilities alongside iOS 4 and the original iPad. 

This didn't create a tech utopia, but it did create ways to close the gap between shadow IT and corporate IT. 

Enterprise IT in the time of COVID-19

By and large, IT and shadow IT have developed a dialog about a device, its ownership, the apps and the content on it, using MDM and the broader EMM (enterprise mobility management). The results may not be perfect but there's a grudging acceptance on both sides. Although iOS was the mobile platform in businesses for some time, Android eventually caught up in terms of enterprise capabilities. EMM platforms have even gained the capability to manage PCs, Macs and Chromebooks. 

To continue reading this article register now

  
Shop Tech Products at Amazon