Photographee.eu - Fotolia
What’s the biggest human error threat to the enterprise? Could it be a clueless user that does something stupid?
Nope. While that user has the potential to cause problems, there are bigger threats in the realm of human error.
The scariest users from an IT perspective are ones who know just enough to introduce unsanctioned configurations, technologies, or software, but not enough to do so safely. These users engage in a form of Shadow IT. According to Gartner, by 2020, one third of successful cyberattacks experienced by enterprises will be on their shadow IT resources. Shadow IT can prove quite costly, as business data stored beyond company firewalls can be a vulnerable access point for malware creating expensive data breaches.
While shadow IT is undoubtedly a problem for many companies, there are actually benefits as well as a solution: DevOps.
When companies face resistance in adopting new cloud-based technology, the presence of shadow IT--typically early-adopters of new technology--can make that transition easier. And as your company updates its technology, this should allow for more interaction and education between IT teams and their shadow IT counterparts.
In some cases, shadow IT actually ends up being the impetus for a company's adoption of DevOps culture. Building a DevOps culture breaks down walls and silos, bringing in light that causes the shadows to recede. It can bring user ideas, concerns, or complaints into the open. The barrier-free nature of DevOps allows IT to gain a better understanding of user and developer needs and enables the entire enterprise to work on addressing the underlying issues, like why users feel compelled to bring in these outside technologies and work (along with developers) to address those issues.
Additionally, given that DevOps is all about continuous development and fast turnaround times, a DevOps implementation allows for rapid responses to these "rogue" users' complaints and/or ideas. IT and dev teams won't have to work for months to create and roll out a solution, and users won’t have to wait for a change, whether a fix or feature, to address particular concerns.
There will always be at least a handful of users who stand to undermine the integrity of the organization through shadow IT, but thanks to DevOps, they don't have to be a threat. To be clear, this does not mean that DevOps makes it acceptable or safe for users to openly engage in reckless behavior and go against best practices. Rather, DevOps collaboration enables IT teams to work with those users, using input to influence rapid solution development. It ensures users have the right tools to achieve their goals, along with the privilege of developing solutions for the rest of the business. Simply put, it's better for everybody when nobody has to operate in the shadows.