November 21, 2018 by Kenneth Fisher
Shadow IT has been, well, maybe not the bane of the IT department, but certainly a pain in the neck. On the off chance you’ve never heard of shadow IT do any of these sound familiar?
- A user asks you to restore a corrupt database on a SQL Server you’ve never heard of and isn’t in your inventory. (And 50/50 odds there’s never been a backup taken.)
- You do a licensing true-up and dozens of new SQL Servers suddenly show up.
- You hear from a user: “We have this mission critical Access database that suddenly isn’t working. I know you don’t support access but you’re the database person so we need you to fix it.”
- “I’m sorry, we don’t grant sysadmin.” “Really? Bob never had a problem with it.” “Who’s Bob?” “The DBA the accounting department hired because y’all were too expensive.”
- “We need a new feature added to the complex Excel program Bob wrote.” “Who’s Bob?” .. see above
- “We have a Windows 3.1 server that sits under Jane’s desk. We need you to take over support and upgrade it to something more modern. But make sure everything on there still works.”
In case you hadn’t guessed Shadow IT is when other departments take over work that is traditionally part of the IT department. Frequently with .. less than optimal results. You’ll see this more often in larger companies where the Accounting department has the funds to hire it’s own DBA, or the Marketing department happens to have an expert in Access etc. And typically it happens because the restrictions (No sysadmin, maintenance windows, periodic upgrades, and downtime, etc) and internal cost are more than the group wants to deal with. I mean who wants to pay $100 an hour for the IT department to do work when you can hire your own developer for $50 an hour? The problem is that those restrictions and costs etc are there for a reason. Maintenance has to happen, it costs more to have DR, space for backups and so on.
Ok, so what does this have to do with the cloud? Over the years I’ve noticed that IT departments have gotten better at rooting out shadow IT, anticipating it, explaining the reasons for the cost of IT etc. Unfortunately (fortunately?), with the cloud, creating your own machines, databases, etc is fairly easy and you can just completely avoid the unnecessary expense of dealing with the IT folks. (The DBAs in particular. They always say “No”.) The cloud is billed as cheap and easy. You don’t need IT! The cloud vendor does it for you!
And to be fair, some of that is true. The cloud vendor does have a lot of people working behind the scenes to make sure that servers stay up, that there’s lots of space available and so on. And on the surface, the cloud does look cheaper, particularly when you get rid of all those IT people. What gets missed is that while some IT expenses go away some are still necessary.
As an example, one of the cool things about the cloud is that (depending on setup) you only pay for the resources that you need. That means that performance becomes very directly related to cost. Where before if your batch process took 12 hours it was no big deal. It ran when you weren’t using the server anyway. Well, now you pay more the longer that process takes.
In another, very personal example, I managed to spend ~$100 over a couple of days because I was unaware of how much the server portion of a stretch database setup would cost. $100 isn’t much in an enterprise system but that’s the thing about the cloud, small mistakes can be amplified by the same tools that make the cloud so powerful.
Basically what I’m saying is that the ease and versatility of the cloud has made shadow IT both more prevalent and more dangerous. IT departments have processes and controls in place for a reason, not to mention a fair amount of shared experience. That reason and experience aren’t less important with the advent of the cloud. It’s more so.