Essential Guide

IT sourcing strategy guide for enterprise CIOs

A comprehensive collection of articles, videos and more, hand-picked by our editors

Out of the shadows: Rogue IT is becoming CIO business as usual

The consumerization of IT and increasing demands for business agility are forcing the evolution of rogue IT. How are CIOs responding?

This article can also be found in the Premium Editorial Download: CIO Decisions: Rogue technology: What lies beneath:

There's no place in Bart Murphy's organization for rogue IT. The CIO/CTO at the CareWorks Family of Companies in Dublin, Ohio, makes it part of his IT mission to ensure that surreptitious technology purchases just don't happen.

That's because another big part of his mission is to make sure the 1,000-plus employees at CareWorks don't need to buy technology on the side to get their jobs done.

"If you have a rogue IT unit, there's something broken between your business and IT," Murphy said. "It's either a broken relationship or a broken delivery system." At CareWorks, IT meets efficiency.  Any process that can be, is automated; production cycles are short and governance tight. The result is an IT organization freer to innovate and support business agility.

Murphy's diagnosis is no doubt on the mark. IT departments exist to enable the business. But these days, even the most business-aligned CIOs may feel that eliminating rogue or shadow IT is mission impossible  -- and not because it's in the shadows.

If you have a rogue IT unit, there's something broken between your business and IT.
Bart MurphyCIO/CTO, CareWorks

Gone are the days when rogue IT amounted to an unsanctioned PC buy or personal servers under desks. The consumerization of IT has not just ushered in hordes of sanctioned and unsanctioned mobile devices. The devices themselves have accelerated the pace of business. Success is measured in large part today by how quickly a business can respond to market changes. And if there's an easily procured file-sharing app or collaboration tool that can help -- well, the data suggest that many business units are not worried about how this ad hoc technology purchase could affect the company's enterprise IT architecture. The question is, what should CIOs be doing about it?

Enabling 'innovation at the edge,' bolstering agility

By now most CIOs are familiar with the attention-grabbing prediction by Gartner analyst Laura McLellan a couple of years back that a company's chief marketing officer (CMO) will spend more on IT than the CIO by 2017.

Advice for CIOs on dealing with rogue IT

  • IT's interaction with business partners needs to become more consultative. That means being comfortable providing advice and guidance, even if it's not involved in the delivery of services.
  • IT needs to become more flexible. Traditionally, IT wants to begin at the beginning of an IT project -- and follow the steps in order. If the business comes to IT having done some of the work already and wants help in finishing it up, that's a problem at many IT shops. IT needs more "on ramps," or ways in which the business can start working with IT at multiple points along the project.
  • CIOs need to convince their teams that rogue IT can be a good thing. That means creating: a climate more open to risk-taking, more collaborative and more willing to adapt to business drivers.

Andrew Horne, managing director, CEB

But Andrew Horne, a managing director at Arlington, Va.-based advisory company CEB said the shift in technology spending is both less extreme and more widespread. In a recent CEB survey, the data suggested that 40% of current technology spend is now happening outside the CIO's control, -- and of those expenditures, CIOs are only aware of about half. But technology buying is not all happening in marketing.

"The CMO is one of a number of executives who collectively are spending 40% of what the CIO is spending," Horne said. While the marketing and sales divisions' IT initiatives may be the most visible, departments from HR (performance management software) to finance (analytics) are making IT spend an ever bigger part of their budgets.

But spreading around the technology spend should not be equated with the Career is Over version of the CIO job. Not all rogue technology buys are bad lots, explained University of Michigan CIO Laura Patterson.

If rogue IT means the CIO is unaware of the project, and the project is not aligned with the organization's IT strategy and will result in redundant services, that type of rogue IT is never good, Patterson said in an email interview.

But she does believe that cutting-edge technology development in business units built on shared infrastructure, supported by central IT and by processes that can move those "edge technologies" to the core, can be a very effective model for providing reliable production services and faster innovation.

At the University of Michigan, a large, diverse research institution, Patterson has curbed rogue IT by knowing users and giving them what they want. When employees looking for better, faster options for storage began adopting commercial cloud solutions without contractual protection for university data, her team stepped in.

Understanding the need but recognizing the risk, Patterson's team adopted cloud storage and file-sharing services from Box.com. Implementation was quick and served users' needs, and curbed further rogue activities because it was the type of easy-to-use solution they were looking for. IT gave them what they wanted.

Patterson's team has also created an IT services portal that provides the university community with a catalog of IT offerings, both departmental and central. It's hoped users will check the site before seeking outside solutions. Their vision is that the portal will result in higher consumption of shared services and increase collaboration.

Read more about curbing rogue IT

CIO adopts cloud solutions to meet users' needs for speed, collaboration

Gaining an edge in cloud governance

Getting a handle on rogue IT in the self-service age

"We're too early in the use of the catalog to know if it's successful, but we are very optimistic about the potential to reduce rogue IT, increase use of shared and central IT, and increase collaboration and innovation across the university," she said.

CareWorks' CTO Murphy has curbed rogue IT by keeping communications channels with the business open -- all the time.

"If you're meeting with them once a quarter to get a list of stuff you're going to work on, right there you're missing the boat on something that occurs every single day," he said. "That's why our teams meet daily -- weekly at the maximum."

CareWorks' six businesses include five healthcare management companies and a technology services provider. With hundreds of employees in the field and dozens of client companies relying on fast, efficient turnaround on medical management claims, the IT department has to be responsive for the business to remain competitive, he said.

"You've got to be able to respond today, so you've got to start aligning your processes," Murphy said, starting with business/IT processes for procuring technology.

The second part of this two-part story looks at how CIOs can separate useful rogue IT from harmful rogue IT.

Let us know what you think about the story; email Karen Goulart, senior features writer.

This was last published in March 2014

PRO+

Content

Find more PRO+ content and other member only offers, here.

Essential Guide

IT sourcing strategy guide for enterprise CIOs

Join the conversation

5 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Do you think rogue IT is always harmful to an organization?
Cancel
We have a different, but similar problem. Yes, we do have the occasional IT equipment purchase that I guess you could call "rogue". There isn't really  a well defined strategy regarding equipment. A bigger problem with us is rogue development by IT dev teams. I definitely have respect for any CIO who is proactively trying to provide good tools for employees to do their jobs, because that is essentially non-existent here. Frequently, employees in other departments ask for little custom tools or scripts to help them do their jobs, and a developer might whip something up for them. The problem is that over the years, there have been so many of these little one-off applications, and no resources to support them.
Cancel
The organization always takes a hit, whether in licensing costs, lost productivity, security issues, etc., whenever you have “rogue” group providing services. It boils down to duplication of effort (in the case where there is a sanctioned group within IT to provide that service) or fragmentation of effort (in the case where there is no sanctioned group, and the service is provided by multiple, disjointed groups).
Cancel
The more I read about rogue and shadow IT the more I suspect its a larger problem than many companies realize.
Cancel
Yeah, it’s a fairly large problem, made more difficult because, in many instance, shadow IT stays off the radar.
Cancel

-ADS BY GOOGLE

SearchCompliance

SearchHealthIT

SearchCloudComputing

SearchMobileComputing

SearchDataCenter

Close