GigaOm reports on the lesser-publicised side of BYOD: Stealth IT. Is it happening in your company? Is it the result of a frustrating, bureaucratic approval process; or necessary security controls?
The acronym BYOD, which stands for bring your own device, is taking over both corporate America and the press release filter in my inbox. But an analyst report out Monday suggests that BYOD has a flip side that no one talks about — Stealth IT, or the IT pro side of the consumerization trend that has swept corporate America.
There are employees bringing their own devices and apps into the workplace, as summed up by the BYOD discussions, and on the other side are IT managers taking their own credit cards (or corporate cards), grabbing company data and then playing in the cloud. Deutsche Bank notes that the issue of employees taking data and devices outside of corporate firewalls (or leaving them on airplanes) is one management headache that is getting a lot of attention and products, but the concept of Stealth IT is still ripe for new businesses and startups.
It describes the trend like this:
A much more common trend is that internal IT staff find a problem. They need more computing power, or more storage, or some outside analytical tool. Getting approval for this can often be complicated, sometimes for good reasons (i.e. security) sometimes for less good reasons (i.e. inertia and bureaucracy). Faced with a real-world problem to solve, these tech-savvy staff suffer from insufficient resources. So instead, they turn to some of the publicly available resources. The best-known of these is probably Amazon’s Web Services (AWS), but there are many, many more. … Often these expenses can be camouflaged by use of personal credit cards, or expensed as technical manuals. After all, the expense line on the credit card bill just says ‘Amazon’. A few hours of Amazon compute time typically results in two digit bill.
As someone immersed in discussion around enterprise IT and access to platforms and infrastructure as a service, I feel like this is putting a sexy name onto a problem that is already well-known among entrepreneurs, corporate IT, and even large companies trying to deliver compliance solutions aimed at this very problem. But DB says the issues go beyond compliance.
For example, the DB report asks what happens if the employee managing a corporation’s secret development sandbox in Amazon Web Services leaves. Suddenly no one in the corporation has access to that resource. Also, by going around the official processes, IT managers don’t create demand for cloud services in-house, leaving management in the dark about the potential benefits of creating an in-house platform or infrastructure as a service cloud.
I don’t find this last reason all that compelling, but I’m not the target audience of compliant-crazy and control-oriented enterprises. Easy access to devices and computing brought about by consumers choosing their own solutions instead of complicated and PC-bound corporate options are making it hard for corporations that are bound by regulations, legislation and basic corporate governance to meet compliance standards.
The folks at Deutsche Bank seem to think that a better user interface to corporate resources on the computing side and friendly apps will go a long way to solving the issue of stealth IT, but if slapping a pretty interface on top of the problem is the solution, then this isn’t that much of a problem. However, cutting through bureaucracy, giving programs a usability overhaul and finding platforms and infrastructure services that are built with compliance in mind are ways to put the kibosh on (or at least help control) corporate IT managers feel like they have to go rogue in order to get a few virtual machines.