For those of you not familiar with the term “Shadow IT,” it describes a common situation in a manufacturing plant. It might start when a plant manager is struggling to work with an IT system, perhaps as a corporate mandate. The time and effort required to get the application working leads to the plant manager simply hiring their own IT consultant to “fix the problem”. Then, over time, this IT consultant starts doing more and more work, perhaps followed by a team of others. The challenge is that often corporate IT is kept out of the loop, with no idea about this “remote” team, resulting in – at minimum – duplication of efforts, redundancies and wasted resources.
There is a bigger issue, however, that is often simply not considered by those involved in this activity. IT systems must be maintained in order to ensure the higher performance standards as well as an ability to enforce continuous process improvement, Lean and other programs. Over time, a plant that is “out-of-compliance” with the latest IT updates, patches or systems will begin to suffer performance declines – or worse, a product quality issue that simply can’t be “patched” as a solution.
The group of Shadow IT employees has an allegiance (rightly so) to the local plant manager. So, they tend to have a different perspective on how to manage issues impacting others in the organization. I was inspired by reading Mike Schaffner’s article on this topic, which led me to the following seven perspectives on how Shadow IT employees might approach common corporate IT requirements and the associated risk that results from each:
- Documentation – A Shadow IT employee might consider it excessive and time consuming to plan and document projects, including the logging of time allocations. It is difficult to apply the “what happens if you get hit by a bus” scenario to yourself.
- Backup – Backup might be seen as too much of a hassle; greater focus will be applied to the functional aspects of completing a task. Shadow IT usually fails to recognize or plan for redundancy or removes a single point of failure from operational systems.
- Standards / Audit Compliance – Propagating operational standards and best practices requires collaborative efforts and meetings with corporate IT that will typically complicate a solution. Audit controls will be seen as a hindrance. Developing applications within a single operational “silo” typically results in an inability to scale operations effective or efficiently, preventing operational agility.
- Security – Security is often perceived as not a top priority. True competitive advantage, however, lies in the data and details of applications. Security requires a larger influence and guiding set of principles, as a corporate initiative that demands oversight.
- Testing – When operating in a silo, the extent a process is tested is usually limited; extensive testing simply isn’t considered when working in the “shadows” of IT. Strict adherence to develop and execute system and factory acceptance testing with validation against many operational scenarios ensures high availability and effective support of requirements for optimal operational support. Or, “pay now, or pay later” when your system crashes and you have no idea why.
- Inefficiencies – Here is where Shadow IT activities can take a hidden toll. Technologies exist to maximize all aspects of planning, development, testing and diagnosis of issues related to operational systems supporting manufacturing plants. Failing to leverage these tools results in higher IT costs in the long run while hindering both operational agility and competitive positioning.
- Software Licensing – Staff working outside of the corporate “boundaries” might be more inclined to cut corners. Centralized purchasing, support and communications with suppliers and vendors provide greater efficiency in the use of IT funds.
The repercussions from the above behaviors may remain hidden for years. Then, something happens and the “house of cards” falls apart, resulting in significant fall out, customer impact as well as the potential for lost jobs. In the long run, no one really benefits from this type of scenario – neither the plant manager, nor the staff, nor the corporate IT and other staff members. Despite all of the valiant efforts to block Shadow IT, somehow it continues to thrive. Why is this? Perhaps it is due to:
- Accessibility – They are in my area and I have easy access to them, and they do keep production running.
- Responsiveness – They respond quickly. I tell them what I need and it gets done.
- Dedication – They only work on my problems, so I don’t have to compete with other corporate priorities.
- They know my business – Shadow IT knows what I need and knows my business, so serves my needs very well.
- Ease of use – It’s easy to use Shadow IT. No Help Desk to go through, no project request forms, no cost/benefit analyses, no Steering Committee reviews.
The reality is that no amount of ranting and raving, or writing of policies and procedures or threats or talking with managers will stop Shadow IT. The perceived benefits are just too attractive to users and their managers. So, what is the answer? I would propose we need to “peel back the onion” in order to understand why this behavior is occurring in the first place. Then, rather than simply trying to “band aid” the problem, we can cure it.
I have a pretty good idea on what that solution might be, but thought I would prompt our readers to see what their perspectives were first … what do you think is the core reason? I will follow up on this discussion topic in a week or two with my own perspectives. I look forward to your feedback!
Here is my follow up post to this one, for those of you interested in reading about my proposed solution - achieve a balancing act with the needs of your local sites and corporate IT.