The Yin and Yang of Hidden Technology Spend

The spending category with many names.

Not all technology spend within a company originates in the IT group. It’s widely known this behavior exists, but rarely discussed in the context of aggregating all technology spend. Industry writers have many names for it, including shadow IT, hidden IT, business unit technology spend, and rogue technology spend.  Some business managers enjoy the lack of publicity. They don’t want to draw attention to it for fear of losing it or getting into lengthy conversations that will slow down their progress.

Who’s to blame?

Typically, IT is caught in the middle and is often the one blamed for creating the environment that leads business unit managers to go around IT for technology services. Jaikumar Vijayan of Computerworld recently discussed how shadow IT spend with cloud services is growing.

Vijayan quotes a report from PricewaterhouseCoopers (PwC)

The risks from shadow cloud services include issues with data security, transaction integrity, business continuity and regulatory compliance, technology consulting firm PricewaterhouseCoopers (PwC) warned last week.

“The culture of consumerization within the enterprise — having what you want, when you want it, the way you want it, and at the price you want it — coupled with aging technologies and outdated IT models, has propelled cloud computing into favor with business units and individual users,” PwC said in a report.

One of the challenges IT managers have is they are asked to support and enforce regulatory and compliance statements. As an IT professional, I see security audits and questionnaires from current and prospective customers each week. The inquiries are becoming more lengthy and the expectations for security and compliance are growing. It’s expected that organizations have strict policies governing physical and logical security, encrypted data, backups, data retention, and data location. The kicker is that for existing customers, compliance with the regulations is mandatory. For prospective customers, compliance with the regulations could mean the difference between winning new business and losing it.

Here’s the rub. IT doesn’t make the policies, they are asked to enforce them. When IT managers support these regulatory requirements such as not allowing cloud storage, it invites users to find a way a around the policy to conduct business. Remember too, that IT is also constrained by the budget allowance each year for upgrades and is expected to maintain existing equipment with minimal changes to reduce risk of business disruption.

Is this really IT’s biggest nightmare?

I don’t think so. Here’s why. IT isn’t completely innocent of what’s happening. The PwC report quoted by Vijayan captures it well, “coupled with aging technologies and outdated IT models…” there is a growing trend for business unit managers to purchase their own technology.yinyang

I agree with the summary from PwC. But I also believe that in a general sense, we have to be pushed to get better at something. What I mean by this is that we need someone or something to challenge us to think differently, to strive for better results, and to find new opportunities for success. Being pushed is part of the foundation of success.

I think hidden IT spend is in some ways a ying and yang. Can hidden IT spend be complementary to IT spend? Don’t you think that IT leaders would also like to push forward into newer technologies and service models such as SaaS and IaaS? I see the whole debate as a challenge and wake-up call for IT leadership and Business leadership to find ways to advance the technology offerings and services of their company in order to provide better solutions for customers. Policies and regulations are not going away. Why not try to solve the puzzle of mapping technology advances to policy statements?

This can be a yin yang. But the key to success is to do it together. Said another way, the key to success is to do “IT” together. Just think what your business would look like if that happened.