Skip to content

September 2, 2022

Summer Read Along: A Seat At The Table | Chapter 12 – Shadow IT

By Lucy Softich

Cover of A Seat at the Table: IT Leadership in the Age of Agility by Mark Schwartz, which also discusses the similarities between Shadow IT and open source software.In this series of blog posts, follow along as we revisit Mark Schwartz’s book A Seat at the Table: IT Leadership in the Age of AgilityFive years after its publication, it’s still highly relevant and chock full of tips, tactics, and learnings. Join us as we follow along with Online Marketing Assistant Lucy Softich as she reads through the book for the first time. Make sure you start with the introduction post!

Chapter 12: Shadow IT has an ominous name, but it is surprisingly upbeat.

Working in the Shadows

You are probably familiar with the term “shadow IT,” but I wasn’t, so I will briefly define it: shadow IT occurs when someone from outside the IT department starts using a system that the IT department did not establish.

This description immediately made me think of the “Rebel Alliance” group in The Unicorn Project; a group of engineers and developers that created their own IT systems within Parts Unlimited, eventually turning into the team behind the titular Unicorn Project and assisting in the full DevOps transformation detailed in that book and The Phoenix Project

And yes, that probably is an example of shadow IT, but it can be as simple as a team using a messaging app that’s different from the one used by the company at large or a single employee storing information on a non-work-issue flash drive.

A Red Flag, Not an Act of War

These seemingly small actions can have consequences, but Mark argues that shadow IT is more of a sign that something in IT is not working than an outright insult to IT. For whatever reason, a team has a need that’s not being filled by IT, so they find a way to fill it themselves.

Of course, the concern here is that, without the oversight of the IT department, these rogue users could be opening the company up to security concerns and vulnerabilities. This is a legitimate concern, but Mark argues that the solution isn’t to crack down on shadow IT but embrace it.

Coming into the Light

Mark harkens shadow IT to the open source world. In open source, there is no hierarchy; there are no managers issuing demands. Everyone gets to choose what they work on and how because it is a voluntary process. Similarly, shadow IT is not done because someone commands it; it is done voluntarily to solve a user’s specific needs as part of a community. And Mark says that bears a lot of similarities to the modern IT landscape.

Accompanying our transition to an Agile IT world and subtler in its implications has been the rise of community as a way of practicing IT.

Following this logic, it is not the act of shadow IT that is the problem, it’s the secrecy. If IT departments are open and willing to work with employees outside their departments to help them solve problems themselves, and these things are not being done “in the shadows” but out, visible to all, as with an open source project, then the arguments against shadow IT really just boil down to one: lack of control.

Relinquishing Control

This book circles back to control structures over and over again. The CIO’s desperate plea for that seat at the table is a request for more control. But on the other end, the shift to Agile and DevOps structures is about shifting control from leaders, who are too removed from daily work to be able to effectively dictate it, into the hands of the workers who have the highest knowledge about their job. 

In Mark’s view, a ban on shadow IT is just another attempt from IT to exert control on an entity that makes them feel powerless: the business. This battle for control can only keep us stuck in the same dysfunctional relationship that IT and the business have been in all along. Instead of continuing this battle, we need to learn how to step back and work with the business, not for it (or against it). And part of that is acknowledging that the IT department does not have a monopoly on IT knowledge, especially in this day and age, where more and more people are IT savvy and, increasingly, systems are incredibly user-friendly. It’s time to give up some of that control in order to be an equal partner in the business, instead of just a neglected department in the basement.

And that’s it for Part II! But don’t worry, we’re not done yet. In our next post, we’ll start looking at Part III: Sitting at the Table.

If you’d like to read more about flattened hierarchy structures, akin to the open source world, you should check out Matt K. Parker’s A Radical Enterprise: Pioneering the Future of High-Performing Organizations.

Jump to a Chapter

Introduction & Chapter 1
Chapter 2: Kept from the Table
Chapter 3: A Nimble Approach to the Table
Chapter 4: Planning
Chapter 5: Requirements
Chapter 6: Transformation
Chapter 7: Enterprise Architecture
Chapter 8: Build Versus Buy
Chapter 9: Governance and Oversight
Chapter 10: Risk
Chapter 11: Quality
Chapter 12: Shadow IT
Chapter 13: The CIO’s Place at the Table & Chapter 14: Exhortation and Table Manners 


- About The Authors

No comments found

Leave a Comment

Your email address will not be published.

Jump to Section

    More Like This

    What to Expect at DevOps Enterprise Summit Virtual – US 2022
    By Gene Kim

    I loved the DevOps Enterprise Summit Las Vegas conference! Holy cow. We held our…

    Map Camp: Weird Mapping – How to Create a Revolution
    By David Anderson

    A version of this post was originally published at Dave Anderson, author of…

    Serverless Myths
    By David Anderson , Michael O’Reilly , Mark McCann

    The term “serverless myths” could also be “modern cloud myths.” The myths highlighted here…

    What is the Modern Cloud/Serverless?
    By David Anderson , Michael O’Reilly , Mark McCann

    What is the Modern Cloud? What is Serverless? This post, adapted from The Value…