Redefining IT Decision-Making in the Age of SaaS
More and more, workers are adopting their own SaaS solutions in business. Is this “shadow IT” a boon to business, a threat to security, or both?
Digital technologies are constantly changing the way businesses get things done by providing new ways for them to reach customers and making it easier to adapt to changes in the market.
Cloud-based software delivery, for example, has lowered barriers to entry for enterprise-grade tools for marketing automation, hyper-focused collaboration and artificial intelligence-enhanced customer success messaging. It’s truly a new era when it comes to efficiency and productivity in the enterprise.
By 2025, more than 85% of companies will adopt a cloud-first principle, and without cloud-native architectures and technologies they won't be able to totally achieve their digital strategies, according to research firm Gartner Inc. In addition, Gartner estimates that by 2025 more than 95% of new digital workloads will be deployed on cloud-native platforms, up from 30% in 2021.
Of course, transitioning conventional workloads to the cloud can pose many key challenges and identifying the right solutions to adopt can be a process unto itself. (Read also: Hybrid IT: What It Is and Why Your Enterprise Needs to Adopt It as a Strategy.)
The business application space has become saturated with thousands of SaaS solutions that cater to virtually every business need. On average, organizations use 300-600 cloud apps across various teams, adding 15-25 new apps every month or 180-300 new apps every year, according to Torii, a platform for SaaS management.
However, no one’s waiting for IT to give them the green light as increasingly non-IT stakeholders have a say in IT purchasing decisions.
Today, each team at each company needs to build its own tech stack, that elusive combination of software products that serves the team best given the parameters of its specific situation. Failure to do so can result in confusion, waste, redundancies, collaboration roadblocks, increased cybersecurity risks and even data leaks.
Uri Haramati, Torii's co-founder and CEO, offered his thoughts about the evolving dynamics of IT decision-making in this age of SaaS. Here are some of his most compelling insights.
End Users Now Drive IT Matters
Technical expertise among non-IT personnel is increasing. Today’s younger staff members are quite tech-savvy and prefer to select their own SaaS applications on a self-service basis. They don’t require as much handholding from the IT department compared to their older counterparts.
This allows organizations to embrace new operations paradigms, such as DevOps, which streamlines processes between software developers and IT operations teams. Today, other business areas are following suit, with roles such as sales ops, marketing ops and even design ops rising in popularity.
“I have no doubt that companies will need to adjust to having more decision-makers around software,” notes Haramati.
In some places, it’s already happening. The control over software is becoming more and more distributed. Department heads are already assuming the responsibility of budgeting software in their own allocations. It simply makes sense for end users to have the loudest voice in choosing these tools.
“It’s about adopting software that enables them to be at their most productive and not the one that fits the IT teams’ preferences,” he adds.
Shadow IT Is a Double-Edged Sword
SaaS has made it easy for non-techies to acquire digital solutions by making tools available through their web browsers, gated only by subscription opt-ins.
Previously, companies had to spend upfront to purchase software licenses and then manually install packages in local servers or workstations. Through SaaS, small teams and even individual staff members can readily get access simply by using their discretionary budgets or company credit cards.
Some are even free to use or offer “free forever” versions, making it even easier for line-of-business employees to hop onboard unassisted. (Read also: 10 Myths About Multi-Cloud Data Management.)
SaaS also requires little to no setup since most services are accessible through web and mobile applications. Gone are the days when implementing software had to be a long-drawn process. However, this ease of adoption has also resulted in what is now referred to as “shadow IT,” all of those applications and tools used by staff while skipping the IT department authorization process. Unsanctioned tools are commonly treated negatively by most administrators.
“The disadvantages to shadow IT are obvious,” says Haramati.
Unregulated SaaS use can lead to a bloated and disorganized infrastructure. Companies can end up with a collection of fragmented tools that create messy workflows. Using poorly designed applications can also introduce vulnerabilities and security risks. Considering the rampant threat of cyberattacks, security risks are definitely something companies have to be wary of.
These disadvantages even mirror the top worries of IT leaders. Over the next three years, chief information officers and chief information security officers will continue to prioritize cybersecurity, according to the Deloitte Global 2021 Future of Cyber Survey released in November 2021.
“Respondents ranked security capabilities (64%), enhancing privacy capabilities (59%), demonstrating compliance capabilities (50%) and improving business efficiency and intelligence (45%) as the drivers for their adoption of emerging technologies,” according to the report.
However, while most dwell on these negatives, Haramati views shadow IT as an indicator of staff members’ praiseworthy interest in doing their jobs more efficiently.
“The fact that they are trying out new tools, means that they want to be better at their work,” he says. “Why should management dampen such a positive attitude? Instead, leaders should value their employees’ drive to be better and find out how their existing processes can be improved upon.”
Self-service, distributed IT, then, has its advantages. Still, the risks brought about by shadow IT are real, although they can be mitigated through proper SaaS lifecycle management. (Read also: Top 10 IT Pain Points and How to Solve Them.)
IT Teams Are Now Productivity Enablers
IT must now come to terms with updated responsibilities given the new scheme of things. Instead of functioning as the primary decision-makers when it comes to technology, they must now view themselves as productivity enablers.
“IT teams need to update their mandates,” asserts Haramati.
Fundamentally, they should now be responsible for building a capable and stable IT infrastructure. Even the best tools will be hindered if networks and devices constantly suffer downtime. As far as decision-making goes, IT still has a meaningful role to play in the process. They are the ones with the widest view of the organization, its systems and its software needs, which requires being an authority when it comes to technical knowledge, security knowledge, procurement and compliance.
Involving others in decision-making processes should also ease some of IT teams’ burdens. IT now has to work on other matters, such as security, access management, data protection and endpoint maintenance. By taking a more collaborative position in respect to the other departments, IT can be seen by the rest of the organization as partners in unlocking productivity, rather than simply as stingy technology gatekeepers.
Holistic Stack Management Is Key
Today’s companies have to clearly define their software procurement and onboarding processes. The responsibilities of IT managers and others have to be clearly delineated in order to prevent friction across departments, as well as data governance dangers. The IT department can’t be the sole voice in these decisions anymore — everyone must collaborate to ensure that teams use the best solutions available.
The idea is to provide flexibility for teams to select the best tools for their jobs but with enough safeguards to prevent runaway shadow IT. While other departments gain latitude in acquiring their preferred tools, IT is still being held responsible for staying on top of the big picture. All SaaS subscriptions must be accounted for, and the integrity and safety of all company data processed and stored in these services must be guaranteed.
The organization’s technology choices must, in essence, lead to better productivity and efficiency, without introducing unnecessary risks.
Updated from an article originally written by Pini Raviv.