At our N-sight (held virtually) we dove into the world of shadows, taking a look at a few best practices and experiences…
The presentations from this X-change, and a link to the recording of the event, are available for our members (after log-in).
Get your assets out of the Shadow
Peter Verbeeck, Solution Advisor Specialist & Vendor Alliance/DPO, and Danny Uytgeerts, Technology Strategist & Security Officer/DPO at SoftwareONE, kicked off the session under the header 'Sh(adow)IT happens'. Shadow IT, they explained, is not only about using unsanctioned apps and tools, but also about using company-sanctioned apps in an ‘unsanctioned’ way. They highlighted the presence of the 'Superuser', the colleague with a particular knack for a certain app who takes over the support role from the IT department.
Managing Shadow IT requires a specific approach rather than a specific tool, they continued. The goal is to keep control of your data and processes. Managing Shadow IT is like fitting many pieces into a large puzzle. They presented four crucial puzzle pieces (from amongst many others):
Danny's main conclusion: this is not a one solution issue. Also, it's not about how your users handle your data, but about what they are going to do with it. Have your data flows under control and you don't need to be scared of Shadow IT.
The modern workplace, without shadow IT
Stefan Berth, Sales Director Mobile IT at mobco, shared his view on the hardware side of the issue, which is often either overlooked or unrecognised. Stefan stressed the importance of user choice.
The hardware aspect can be related to a specific device, e.g. people preferring an iPhone over Android. For mobile phones, a company-issued SIM card can be put in any compatible phone. If people do not like the company-issued device, they can very easily change this for a personal device.
But the hardware aspect can also be related to specific circumstances where people have to do with what they have available. Covid-19 has forced many people to work from home, requiring them to rely to some extent on personal hardware instead of company hardware. Potential issues include software compatibility or lack of hardware support.
Stefan believes we can add to the approaches of 'no control' and 'top control', the approach of 'partial control', where the company remains in control of the data (slides 6-8). So should we still care about Shadow IT? Yes!
Finding the perfect balance between 3 pillars is key when dealing with Shadow IT, and involves:
How to find that perfect balance? Communication is key: talk to all stakeholders within the company:
And don't underestimate the power of the younger employees, who are eager to work with the tools of their choice. 73% of millennials (born between 1981 and 1996) state that workplace technology influences their choice for their next job.
By taking a proper approach, every stakeholder sees results:
"Shadow IT is all about data, about the use or the mis-use of data." Peter Verbeeck and Danny Uytgeerts of @SoftwareONE_BE share their vision on #ShadowIT. #VirtualMeeting #InformationSecurity #ITGovernance #ModernWorkplace #KnowledgeSharing pic.twitter.com/HUq55snzxZ— @beltug (@Beltug) April 23, 2020
How to find perfect balance between IT Operations, #UserExperience and #DataSecurity to tackle #ShadowIT? Communication is key, Stefan Berth of @mobco tells us. With all stakeholders: IT, Telecom Manager, Support, HR, Procurement and Business Units. #KnowledgeSharing pic.twitter.com/IhWia0HVtI— @beltug (@Beltug) April 23, 2020
Access to more information about this topic and/or to download the paper is easy and fast, but exclusively for Beltug members (just login to get access).
Beltug gathers a lot of information. Here you find the advantages of Beltug membership
The Beltug Team
Click here to login