The rest of the business no longer needs to make IT the first port of call with it comes to buying IT services and this results in a gap between what IT thinks an organisation spends on IT and what it really does.
Therefore, non-IT department spending on software and hardware is more prevalent than most businesses realise. According to a Cisco report, the number of unauthorised cloud apps being used in the enterprise is 15 to 20 times greater than CIOs anticipated.
This can put pressure on the CIO, making planning for future investments a much more difficult job. As a result, there is a disconnect between what the IT department believes is happening and the facts on the ground. The growth in unknown and unauthorised SaaS applications can also present big challenges to organisations want to demonstrate they are on the right side of the law when it comes to software license compliance.
This is not to say that unknown usage of SaaS, more often referred to as shadow IT is bad thing. It allows organisations to respond effectively to demands and remain agile.
So, what can be done by CIOs to bridge this gap in knowledge? You can’t just shut down unauthorised application usage straightaway (those apps may be critical to a business unit’s bottom line), but also, from a software optimisation standpoint, you cannot ignore it either.
CIOs need to draw up a plan to bring this type of IT out of the shadows and under the oversight of the IT department. This is basically a hybrid IT model where employees can draw from a long list of IT-approved cloud services that they want or need to use.
However, before this model can be deployed, CIOs need to find and identify which unauthorised cloud applications are being used inside the business. There are a number of discovery tools available for such tasks which can automatically scan an organisation’s infrastructure to detect SaaS applications. The Software Asset Management solutions typically concentrate on the commonest high priority applications which will cost the most to the business and represent the greatest compliance risk.
These can quickly compile data for reports to the CIO, so they can discover which services are popular with users, allowing them to be quickly vetted and added to the list of approved services in the hybrid IT model.
The goal here should not be to completely get rid of shadow IT from the organisation, the chances of achieving that are slim and time-consuming. The ambition of the CIO should be to cut down on the need for users to get around the IT department in order to carry out their work functions.
CIOs should also hold regular reviews with business units to ensure that new business challenges and requirements are known about and can be addressed. These reviews are a good way of finding out why that unit has not come directly to the IT department with any requests for cloud applications and services.
Of course, unauthorised SaaS applications are competition to the IT department and the only way of ensuring IT performs better than these is to be closer to the customer – the business unit – so as to understand what problems they face and how to deliver solutions to them.
It has to be acknowledged that the IT department will inevitably expand their portfolio of approved cloud applications and services that are offered to end users. Yet, how many that will be is hard to quantify until you achieve accurate visibility into your businesses usage of SaaS.
Looking to bridge the disruption gap caused by digital transformation? Learn how Snow and Crayon are empowering CIOs and IT leaders to regain control, reduce overspend and influence key IT investment decisions: