Gartner recently forecast that the CMO will spend more on IT than the CIO by 2017. This startling prediction is driven by a symptom that is already starting to emerge in 2013. The rise of “Shadow IT” (or “Stealth IT”).
It’s a simple phrase that disguises a potentially significant threat to the existing order of things for CIOs and it looks like its starting to shape the future role of the CIO and their team. Logicalis is running a short survey on the influence of the cloud on the the IT Department - and we'd like your thoughts.
Shadow IT describes more than just the shift to the consumerisation of IT and Bring-Your-Own-Device (BYOD) - it includes how enterprise-grade hardware, software and services are being bought and managed outside of the mainstream IT organisation and direct control of the CIO. As an example, CIOs are already trying to deal with heads of sales and marketing purchasing large scale CRM and, Marketing Automation Systems without the IT function having direct oversight of the selection, procurement, deployment and management of the solution.
Shadow IT creates some significant exposure for an organisation. In particular, the threat of losing control over corporate data. Faced with security controls designed to stop data leaving the corporate network, users are setting up their own accounts in the cloud on platforms such as Dropbox to enable them to work on different devices. (A survey late last year found that one in five business users uploaded work documents to Dropbox, with the most blatant offenders being staff in more senior positions.) We are already seeing the trend towards the consumerisation of IT extend to cloud based software applications in addition to devices. Whether CIOs like it or not, their organisation’s data is exposed.
Gartner Fellow David Cearley sees the logical extension of this phenomenon as the emergence of the “personal” or private cloud,” where individuals keep their personal content, access their preferred services via a variety of devices, ultimately replacing the PC. No single organisation is going to be able to exert complete control in this brave new world, so better for CIOs to embrace and influence it.
This suggests that mitigating this risk by establishing “data sovereignty,” taking ownership and control over your data, and associated service level agreements should be an early priority for CIOs. Formal disaster recovery and business continuity planning is hardly a new mandate for the CIO, but updating these policies and procedures to account for Shadow IT seems a vital step.
As always, a key challenge for organisations in adapting to an emerging strategic direction is performing the balancing act between managing risk and creating innovation for competitive advantage. Gartner predicts that in 2014, 30% of Global 1000 companies will broker (aggregate, integrate and customize) two or more cloud services for internal and external users. This is up from 5% today. This is a very rapid shift. CIOs must at the very least formulate a strategic response to cloud computing.
Increasingly, it seems the role of the CIO and their team is to act as a “broker” of cloud services for the organisation, because:
- CIOs are finding it hard to manage all the challenges of their internal customers when it comes to provisioning, managing and integrating hybrid cloud solutions.
- While external providers play a key role in implementation and management of cloud services, the organisation sees the CIO and their team as being best placed to set the overall direction and manage the relationships between stakeholders.
- Acquiring and keeping a team with all the necessary skills to integrate and customise multiple cloud services at scale is very challenging and requires a huge investment. Increasingly CIOs are looking to external service providers for these skills.
- This approach enables the CIO to re-exert control and rebuild influence within the organisation, as Gartner puts it in its Predicts 2013 publication, “The internal CSB (cloud services broker) role represents a means for the IT organisation to retain and build influence…and to become a value centre in the face of challenging new requirements…”
Read Part 2 of our Cloud and the CIO, where we interview some CIOs and look at the implications of Cloud on the IT skills required and the role of the CIO.