When we talk about cloud service adoption in general (DaaS, SaaS, etc…), the overwhelming majority of arguments against such solutions has to do with corporate policy or trust issues rather than technical problems (not that those don’t exist). We spent a large portion of our DaaS book talking about them, and just about every conversation I’ve ever had with a potential DaaS customer centers on dealing with those issues of trust and availability. It’s the kind of thing that keeps CIOs up at night, and prevents companies from adopting what might end up being a better overall solution.
Of course we already know that these concerns have little effect on individual employees. They are increasingly able to find ways circumvent IT’s wishes and do things they way they want to do them. While that alone should contribute to CIO insomnia, few have considered another vector: it’s happening at the department level, too.
From corporations to education to government, individual departments that want features that IT can’t or won’t provide are taking matters into their own hands and subscribing to cloud services. This isn’t quite as low-level as the Consumerization of IT, where individual users are circumventing corporate IT policy so that they can work their own way, this is organized, department-level adoption of cloud services. It’s Departmental FUIT.
Even though the source of the problem is different from straight-up CoIT, the end result is the same. IT has no idea this is happening unless they’re specifically looking for the activity in question on the network. It never hits their budget, and users know where the service is being provided from and call the provider for support rather than the help desk.
It’s also different because it indicates dissent from within the organization’s own units. If enough departments start doing something, it’s quite possible that it can become standard practice before IT is aware. What happens when IT finds out and has to tell department heads that they have to stop doing things the way they are doing them? I’ll bet they don’t go quietly.
We’ve written in the past about how individual users are using Dropbox and Salesforce, and this is still happening, but there are a surprising number of instances where decisions are being made at the department level to use other services like DaaS. At the Citrix CTP meeting the last few days, I heard several stories from fellow attendees of instances where departments took it upon themselves to subscribe to one service or another. In some cases this was eventually discovered and shut down, but in others they are still going strong.
For service providers that don’t want to be burdened with convincing IT departments that their offering is reliable and secure, this is good news because they have another way to enter organizations. Ironically, it’s not a new story.
Back in 1998 when I first started in the desktop virtualization space, installing Citrix MetaFrame 1.8 on Windows NT 4.0, we did a surprising number of workgroup-sized deployments. These weren’t for IT departments, they were for the Legal or Accounting departments who needed to solve a problem that IT couldn’t, or wouldn’t solve for them. This sounds borderline irresponsible, both on the company’s part and on our part for doing the work, but at the time only the most organized companies had comprehensive, datacenter to end user IT operations. Departments tended to be on independent islands, connected to the same network but with individual file servers, application sets, and even hardware types. It was more or less “normal” for a department to requisition a few extra phone lines to be plugged into modems that were plugged into their shiny new Citrix server.
Today we’re at a similar crossroads where the organization of the enterprise IT may or may not be in lock step with the individual departments’ needs. If a company is behind the times, playing catch-up to departmental needs, the likelihood of of departments taking matters into their own hands is relatively high. CIOs have something else to look out for, but the goal shouldn’t be to snuff it out, it should be to find out how the IT department can address the issues the departments are having.