Following an initial period of curious caution, cloud technologies have gone from strength to strength, becoming an integral tool for businesses around the world. What’s more, the ongoing consumerisation of IT has meant mass market cloud services are now commonly used by the general public in their everyday lives.

This development has led to an interesting workplace phenomenon – employees in departments outside of IT are increasingly finding their own solutions to work problems via readily available online software. Whether it’s the head of sales setting up their own CRM system with Salesforce, or a mid-level manager sending large files over Dropbox, it seems that many employees are no longer willing to wait for the IT department to solve their problems.

Added innovation vs. cloud sprawl

There are some concerns around this development. Known as cloud sprawl, IT professionals state that many cloud services are unsuitable for enterprise use. In addition, it is widely accepted that having an unregulated, underlying shadow network can have a negative effect on the efficiency, effectiveness and security of wider corporate infrastructure.

While these are legitimate issues, businesses should think twice about trying to restrict the practice outright. Many are seeing increased innovation as a result of this departmental experimentation, suggesting that giving employees the freedom to choose the tools they use at work facilitates the emergence of new ideas and new ways of doing things.

One reason this direct departmental spending on IT (expenditure over and above the traditional IT budget spend) is boosting the amount of innovation taking place is that departments generally rely on faster trial and error methods than established IT investment planning protocol. While it is true that these experiments have a higher project fail rate, they also cost considerably less than large scale IT department initiatives. It is this freedom to investigate new approaches and get things wrong in a low risk environment that is partly responsible for the increase in innovation.

Managing IT in the age of BYOD

So, what should the IT department’s response to this trend be? The knee-jerk reaction may be to clamp down on the emergence of shadow IT, initiating and enforcing strict rules that prevent end-users and departments from engaging in this activity. However, the rise of Bring Your Own Device (BYOD) makes it difficult to truly eradicate it. Failure to recognise the scale of unsanctioned technology projects is a concern, but trying to implement an overly proscriptive regime is the wrong approach.

Instead, IT needs to do more to minimise the need for departments to go out and source their own services. First off, it needs to do more to better understand the wants and needs of the wider business. Too often, a gap exists between IT and business, with few people in between who speak a common language. As a result, IT and other departments can act in siloes, never truly understanding the pressures affecting their colleagues.

While the CIO has a responsibility to try and bridge this gap, there also needs to be an openness to the adoption of new business models, such as the introduction of departmental job roles with responsibility for IT. A Chief Marketing Technology Officer (CMTO), for example, would oversee all technology adopted by the marketing department, and would be responsible for both compliance with IT policy and reporting into the CIO.

By improving communication in this way, the IT department will be in a far better position to provide end-users with the services they need, thereby minimising incidences where they are independently acquired. What’s more, overseeing departmental activity in this way will provide the IT department with greater insight into the ways innovation can be integrated into initiatives.

Data security for disparate IT estates

Something that needs to be considered, now departments have more freedom to use personal mobile devices and cloud, is how best to secure an increasingly complex and disparate IT estate. Ultimately there needs to be a shift away from securing devices, to an approach that secures the data itself. This means employing technologies like Mobile Device Management (MDM), that can remotely augment and delete data, and data loss prevention products that can detect specific data leaving the system, using identifiers like keywords, and even stop it being moved to other locations.

While cloud sprawl is an issue that undoubtedly needs to be addressed, trying to shut it down without first understanding it will lead to further problems in the long run. It will also mean an end to the innovation that departmental IT projects generate. By working closer with individual departments, CIOs will be in a better position to bring innovative new services to the business, while simultaneously counter-acting the negative effects of cloud sprawl.