All Posts in Shadow IT

|In: Architecture|Last Updated:

Three threads, one conclusion:

Thread #1: In a recent advertorial (“Stop Using Excel, Finance Chiefs Tell Staffs,” Tatyana Shumsky, 3/31/2018), The Wall Street Journal proved once again that, as someone once said, if you ignore the lessons of history you’re doomed to repeat the 7th grade.

Dan Bricklin first invented the electronic spreadsheet back in 1979. It was immediately and wildly popular, for some very simple reasons: It was incredibly versatile; you could use it to think something through by literally visualizing it; and, when IT responded as it usually does to requests for small solutions — not a good enough business case — users could ignore IT and solve their own problems, right now.

The Wall Street Journal’s story tells the usual tales of spreadsheets gone wild, with their high error rates and difficulties in consolidating information. What were those fools thinking, using Excel for <insert Excel-nightmare-case here>!?!

I was nowhere near the place and I can tell you exactly what they were thinking. They were thinking they had a job to do and the alternatives were (1) Excel, and (2) … uh, Excel.

The business case for the solutions extolled in The Wall Street Journal story was that the Excel-based solutions caused problems. Had users not solved their problems with Excel first, they’d still have no business case.

When Excel is the problem you can be sure the pre-Excel problem was much bigger.

Thread #2: One of my current consulting areas is application portfolio rationalization. It’s usually about enterprise applications that number in the hundreds, but sometimes clients want to consolidate desktop applications that, in large enterprises, easily number in the thousands, not including all of the applications masquerading as Excel spreadsheets.

It’s a shocking statistic, and a support nightmare!

Only it isn’t a shocking statistic at all. A typical Fortune 500 corporation might have 50,000 or more employees. With 50,000 employees, what are the odds there aren’t at least a couple of thousand different processes that might be improved through automation IT will never get around to?

It isn’t a support nightmare either. For the most part the applications in question are used by a dozen or fewer employees who are almost entirely self-supporting.

Support isn’t the problem. Lack of control is the problem. And, in highly regulated industries, lack of control is a real problem corporate compliance needs to solve. It needs to document not only that a given business function’s outputs are correct, but that its processes and supporting tools ensure they’re correct.

On top of which, information security needs to ensure applications with gaping holes are kept off the network, and that applications stay properly patched so that as new vulnerabilities are detected, new vulnerabilities are addressed.

All of this is certainly harder when each business function solves its own problems, but it’s hardly impossible.

And it’s much easier when IT is an active partner that helps business functions solve their own problems.

Thread #3: Once upon a time I was part of a team that redesigned our company’s CapEx governance process. We hit upon a novel idea: that our job wasn’t to prevent bad ideas from leaking through. It was to recognize good ideas and help them succeed.

It turned out we were on target. What we found was that bad ideas that needed screening out were few and far between. Good ideas explained badly? We saw plenty of those.

Tying the threads together: Large enterprises have lots of moving parts, which means small problems are real, worth solving, and too numerous for IT to handle on its own. Users engage in “rogue IT” to make their part of the business more effective, because they can and they should. IT ought to find a way to help their good ideas succeed instead of assuming they’re all pursuing bad ideas that have to be stopped.

The KJR solution: create a Certified Power User program (CPU — catchy, isn’t it?). Certified Power Users will understand the basics of normalized design so they can use MS Access instead of spreadsheets when they have a database problem to solve. They’ll know how to evaluate solutions professionally, so they don’t buy whatever looked flashy at a trade show. They’ll also know how to keep solutions patched, to minimize vulnerabilities.

And, they’ll keep an inventory of the small solutions they create and share it with IT.

In exchange, they’ll have administrative privileges for their PCs, and those of the users they support.

When you’re trying to persuade, “Let us help” is a more powerful message than “No you can’t.”

Comments

|In: Career Management|Last Updated:

Once upon a time there was a queen bee.

She enjoyed talking to her beekeeper, who, fortunately enough, enjoyed listening to her. She was fortunate, that is, because the beekeeper considered himself a poor conversationalist, and so was happy not to have to share the burden of finding interesting topics to talk about.

Queen Bee

And besides, there are lots of talking beekeepers around, but not so many talking bees, so he figured he’d take advantage of the opportunity while it lasted.

The beekeeper was in this way wise, but he wasn’t very bright. The evidence: The queen’s favorite topic was the land of milk and honey, and how she was going to lead the beekeeper there.

Finally the day came when the beekeeper couldn’t stand it anymore. “Let’s go!” he said to the queen, flushed with the enthusiasm that comes from a vision of a better tomorrow. “I don’t want to wait another day!”

So off they went to find the land of milk and honey.

Leaving behind a hive full of honey. And full of the worker bees who made the honey. Also all of the ingredients needed to make a new queen for the hive.

The moral of the story is, don’t be a queen bee CIO.

I ran across one of these characters not all that long ago. I had four one-hour conversations with him over the span of a couple of months. He was a visionary, talking in glowing terms about how the brilliant information technology he’d recently brought in and the new and even more brilliant information technology he was going to bring in soon that would transform the company.

Remarkably, in all of the time we spent together he never once mentioned anything about the department he “led,” what his plans for it were, where it needed to improve, or where it already excelled.

Unremarkably, nobody in the entire IT department could make a decision of any kind, with the possible exception of where to have lunch.

What causes an IT manager to become a queen bee? That’s for psychologists to diagnose, not workaday IT commentators. Or perhaps for budding ethologists. We could, I suppose, get them together to resurrect the pointless nature vs nurture debate, even though it was long ago resolved.

Bee it nature, nurture, or a combination of the two really doesn’t matter. A queen bee sits at the top of your IT hive, and you have to cope with her. Or him; unlike honey bee queens, both male and female CIOs can wear an apian crown.

So what you do if you report up to a queen bee CIO?

You could feed her/him royal jelly (pushing the metaphor to its limits, this of course means mastering the fine art of sucking up). This can work in the short term … queen bees do love hearing how brilliant they are … but it’s a bad habit to develop. Once this becomes your normal you’ll lose the habit of initiative and decisiveness that help you succeed in healthier environments.

And so you’ll find yourself seeking out queen bees to work for.

No thanks.

Then there’s the obvious solution: Leave. It’s the best general-purpose advice there is no matter which sort of bad manager you report to, because bad managers aren’t going to change — the attitudes and behavior that make them a bad manager are what, in their eyes, got them to where they are today.

So by all means, explore the world of opportunities that surrounds you.

But as you do, consider a different sort of departure.

As has been pointed out in this space from time to time, wise CIOs are starting to encourage what’s commonly called shadow IT — information technology that happens outside IT’s organizational boundaries.

Unwise CIOs still try to stomp it out, but fail.

Therein lies an opening you can exploit.

If there’s one thing you can be certain of, it’s that your corporate beekeepers will soon tire of the queen bee CIO’s tales of milk and honey. They want their milk and honey right now.

And if IT can’t deliver it, well, maybe shadow IT can.

With your help.

You will, of course, need to tread cautiously. But there’s a good chance your company has a director or three who have the budget and don’t care about obeying the IT governance process that’s been stymying them as they try to turn their own visions into business reality.

You know IT. You know the business (you do, don’t you?).

With finesse, you can be the person who actually does make IT happen.

Not a bad place to be when the CEO kicks the queen bee CIO out of the hive.

Comments