The Risks and Benefits of Shadow IT

Shadow IT is the term used for personal technologies (BYOD), applications, and software or services supported by a third-party service provider, instead of an organization’s IT provider or technology department.Over the past several years, Social, Mobile, Analytics and Cloud (SMAC) technologies have been core drivers of innovation (and disruption). Mobile and cloud services have given end-users the ability to access data and perform their work roles from nearly any location. As a result, businesses’ applications have moved from behind the safety of the company firewall to public Software-as-a-Service (SaaS) solutions for everything from accounting to human resources.These technology trends have also resulted in the “consumerization” of IT, where end-users have come to expect a fast, easy to use, mobile first experience. These expectations can cause with frustration with legacy technologies that may not work as well for employees on the go.End users gravitate toward the simplest solution. Why go and find a work-related device when your cellphone or tablet is sitting on the desk? Thanks to the Apple’s App Store and Google’s Play Store, employees have access to literally thousands of applications that they can quickly install and use to carry out their job functions, all outside of the network perimeter. So why is this an issue?


THE RISKS OF SHADOW ITThere are several issues at hand with Shadow IT. Users choosing their own applications can open companies up to security issues, take them out of compliance with legal guidelines, and negatively affect other users in their business without meaning to. Here are some of the ways Shadow IT can impact your business:Security – Unsupported hardware and software are not subject to the same security measures as supported technologies. Without the ability to monitor and control application use, software and apps that incorporate business data and integrate with existing business applications are at risk of cyber-attacks and malware infections. This leads to lost time, lost productivity, lost revenue, and lost reputation.Compliance – The governance and compliance risks from Shadow IT are extremely serious as sensitive data can easily be uploaded or shared. There are no processes to ensure confidentiality of data or access policies if an employee is storing corporate data in their personal DropBox or EverNote account. Breaches resulting from failing to meet compliance guidelines can lead to significant fines.Workflows and Processes – Technologies that operate without an IT department’s knowledge can negatively affect the user experience of other employees by impacting bandwidth and creating situations in which network or software application protocols conflict. Additionally, IT Support teams may not be ready with answers or a resolution when end users present issues with unsupported tools. This slows down workers and creates additional strain on IT.REDUCING RISK AND MAXIMIZING BENEFITSFor all the risks Shadow IT presents, it also carries the potential for rewards. New applications can revolutionize processes and allow employees to work smarter and more efficiently. This requires a careful balance between management and flexibility.


Most end users do not equate using certain applications or devices with extreme consequences. This is where IT needs to be flexible and communicate well. Instead of telling end users they can only use one system for work, clearly outline what type of data is okay to work on in unsupported applications and which data should remain secure in your supported network. Make sure that you identify allowable uses in your Acceptable Use Policy.The time has come to move past the denial stage of Shadow IT and communication is key. Educating end users and providing clear, concise, information usage guidelines can help you develop enforceable boundaries. Take the time to understand the processes and needs of employees. Research and employ solutions that address those needs, both current and future. This, combined with a solid cloud and SaaS application strategy can rein back in your end users and data.

What CIOs Need To Know About Software Defined Networking

Guess what CIO: there is a revolution that is just starting in the world of computer networking. Sure, you know about the importance of information technology but are you going to be ready for this? For the longest time, we’ve all been building our networks in pretty much the same way: we go to a big equipment vendor such as Cisco, Juniper, HP, IBM, etc. and buy a bunch of boxes. We then string them together, get some expensive software and then sit back and hope that everything connects together. It turns out that there is a better way to do all of this.

Say Hello To Software Defined Networking

What has changed for person with the CIO job is that a new way of building computer networks has arrived. The new approach is called Software Defined Networking or SDN. In the world of SDN, your network will no longer be populated by a bunch of very smart boxes from Cisco. Instead, you’ll be buying dumb white label boxes and deploying them throughout your network. Once you’ve done this, you’ll then install a very powerful server at the heart of your network and you’ll run a fancy control program on it to control all of your “dumb” network elements.

The basic idea behind SDN is to centralize all of the intelligence in a network. Instead of distributing your processing power throughout each piece of expensive networking gear that you add to your network, you now place all of your network smarts in one place. One big advantage of doing things this way is that updating your network software just go a lot easier: you now only have to update the software that is running on one server, not on the 100′s of boxes that you have deployed in your network.

SDN provides a lot of other benefits. Network equipment costs should be lowered dramatically because you’ll no longer need “smart” boxes. When a network failure occurs, the network routing protocol that is running on the central server should be able to converge faster because it has a god’s- eye view of every thing that is happening in the network.

This Changes Everything

As the person in the CIO position, you need to grasp just exactly what the implications that the arrival of SDN networks may mean for your organization. What we are seeing is a fundamental shift in how computer networks are going to be built. We are moving away from computer networks that are defined by their hardware and moving towards computer networks that are being implemented primarily in software. The implications of this are quite large.

When you implement a computer network in software, you now have the ability to change how the network behaves not by sending a technician out to reconfigure hardware, but rather by making changes to the software that is running your network. This means that you’ll be able to adapt your computer network to the environment that it finds itself in much quicker than you have ever been able to do before.

Although this SDN stuff may strike you as being the stuff of academic fantasy, what you need to understand is that SDN has already arrived. Over at Google they have taken one of the primary backbone networks that they use to interconnect their data centers and converted to to now use SDN technology. The results have been nothing less than spectacular. They are now doing a much better job of utilizing the links that run between their data centers and they are able to test the impact of network configuration changes long before they deploy them into the network.

What All Of This Means For You

As CIO you need to stay on top of the changes that are occurring in technology that will impact your IT department. The arrival of Software Defined Networking (SDN) is one such new technology. SDN has the potential to completely change how our computer networks are both designed and created.

The way that networks are built today is by purchasing a great deal of expensive, sophisticated networking hardware and then having trained staff interconnect them. With the arrival of SDN, this all changes. Now the network will consist of cheap commodity networking hardware being deployed in the network and a sophisticated control program that manages everything running on a powerful server at the heart of the network. This new way of building a network will allow changes to the network to be made simply by changing the software that the controls the network.

As the CIO you are going to have to understand the impact that SDN is going to have on your IT department. Going forward you are going to have less of a need for network hardware staff and more of a need for staff who can write the software that you’ll need in order to control your network. Take the time now to fully understand what SDN means for your company and you’ll be ready when it shows up on your doorstep.