Leading platforms such as Mendix or OutSystems would come with robust security and compliance capabilities that many big organizations struggle to achieve and that are difficult to implement in application development. Imagine what business developers could build and innovate if IT provided the proper tools and guidance in terms of design, development, and security. On the “shadow side,” business understanding is translated into digital solutions-usually on low-code/no-code (LC/NC) platforms such as Excel-lacking IT governance and a structured development process. Most organizations have two distinct sources of enterprise applications (Exhibit 1). Transforming shadow IT to be a strategic asset Changes to a dependent IT system can cause disruption of the shadow application, thus disrupting business operations. In addition to external risks, shadow applications exacerbate existing IT technical debt with phantom couplings, which occur when a shadow application uses data from IT applications without IT knowing about the dependency. 1 Failure to comply with data regulations such as the General Data Protection Regulation (GDPR) can incur fines of up to €20 million or 4 percent of a company’s revenue. For example, the average total cost of a data breach, including business and technology costs, is $4.35 million. Applications are frequently developed without proper IT oversight, so a security breach or noncompliant solution can incur significant damage. However, shadow IT can also increase an organization’s risk. Some shadow IT applications are built as the glue between various siloed applications lacking features, enabling business departments to access them to support processes and decision making. IT’s existing technical debt also plays a role. Since IT departments cannot keep up with their growing backlog, departments and functions have routinely taken matters into their own hands to support their own needs. With the COVID-19 pandemic and the increase in remote work, the demand for digital services has only grown.
NO CODE ZERO CODE FULL
Organizations must embrace this reality to begin the journey to capture the enterprise’s full potential for digital value creation and capabilities. Shadow IT represents a double-edged sword: these applications support critical business activities, and are likely to grow with the advent of modern and more robust cloud-based productivity tools however, since shadow IT skirts the regular procurement, implementation, and governance processes, the applications can significantly increase an organization’s IT and security risks.Īs companies contemplate a path forward, it’s worth acknowledging two truths: shadow IT is essential for business operations, and talent capable of creating applications often resides outside the IT department. Many companies have struggled to rein in their organization’s shadow IT-applications, such as spreadsheets and desktop databases, created and maintained by different parts of the business but without the IT department’s knowledge or engagement. AugBy Duarte Begonha, Andreas Kopper, and Thanou Thirakul
0 kommentar(er)
