SYS-CON MEDIA Authors: Zakia Bouachraoui, Liz McMillan, Carmen Gonzalez, Roger Strukhoff, David Linthicum

Related Topics: @CloudExpo, Java IoT, Microservices Expo

@CloudExpo: Blog Post

Bringing Shadow IT into the Light By @bcferrycoder | @CloudExpo #Cloud

There are good reasons why the practice (malpractice?) of Shadow IT is so common

Going Rogue with PaaS: Bringing Shadow IT into the Light

In a recent blog I suggested that it's okay to install PaaS on a couple of PCs, and run them "under the desk" for cloud development. This immediately provoked a comment from a reader who said "You're not endorsing Shadow IT are you?"

Well in fact I am. By the end of this blog you will too.

What Is Shadow IT?
Shadow IT, aka Rogue IT, has a bad rep. And it probably should. It can compromise security, increase IT costs, result in dangerous leakage of data and IP, and get people fired. It also generates friction and thus expands the already too wide rift between developers and IT.

In a nutshell, Shadow IT is practicing IT without IT's permission. I'll focus on Shadow IT as practiced by developers here. A common example is bypassing the internal resource request process and spinning up VMs on AWS for application development. Or using a DBaaS like MongoHQ or Google Cloud Datastore for instant access to a fast, redundant, reliable, always-available datastore. Other examples include using DropBox to store corporate files, using Evernote to store notes, github to store source code, collaboration software too like yammer, and LastPass for password management.

Not all rogue IT happens in the cloud. For example, a developer using IntelliJ IDEA instead of the corporate-mandated Eclipse for Java can be considered rogue. Or the league of users who have surreptitiously installed Firefox or Google Chrome to avoid the anguish of IE9.

My favorite rogue activity is the practice of configuring a PC with a bunch of memory then putting it under a desk and making it available to the whole team for spinning up VMs. I've seen this behavior at multiple companies where the sanctioned process to spin up a VM is just too arduous.

Why Is Shadow IT Rampant?
There are good reasons why the practice (malpractice?) of Shadow IT is so common.

It comes down to the huge barriers to getting any work done. In many environments, if a team needs a cluster of VMs, they must submit multiple service tickets and then wait, days, or even weeks before all the pieces come together and the new VM is available. It's actually often worse than this. I frequently talk to developers who tell me it can take months to get a VM provisioned on their network.

And it's not just about acquiring resources. Often, archaic and restrictive network rules are in place, where all traffic has to go through an ornery and overly-restrictive proxy server, and networks are partitioned in such a way that moving bits from one place to another is probably easier done using smoke signals than trying to navigate the internal network.

Another reason for rogue activity among developers is due to restrictions on software and behaviors. Internal policy often banishes all software that hasn't yet been vetted by the internal compliance team, which doesn't have the bandwidth or motivation to validate all the cool technologies out there, many of which might significantly benefit your development effort. The end result is that a developer's request for a resource is declined, often after many days of the ticket languishing in the system.

Another significant factor in rogue IT's popularity is that it's just so darned simple, especially compared with the internal, non-rogue way of doing things. The promises of the cloud are truly being delivered: self-service, on-demand, elastically scalable resources can be obtained in minutes with nothing more than a credit card. Facing the choice of waiting five minutes vs. three months to get a VM, it's a no-brainer to go the "rogue route."

Prohibition Is Not the Answer
A natural reaction to the proliferation of rogue IT is to erect more barriers. Indeed, that is exactly what happens. Developers are prohibited from having root or admin access on their systems. Networks are getting more locked down. Software choices are being further restricted. Processes get heavier and more arduous.

This all boils down to disempowering the software team. Requiring someone to ask for resources, then making them wait for a response, and ultimately denying the request is demoralizing, and establishes a false and dangerous hierarchy between the dev team and IT. Nothing good comes out of this division, only discontent, angst, resentment, attrition. Not to mention long and costly delays.

Empower vs. Hobble
Network restrictions, lack of trust, authoritarian proxy servers, software restrictions, tedious and time-consuming processes: it's a wonder anything gets done, at the office. Home is a different story, and I know way too many developers who endure the corporate restrictive agony during the day, then go home to their fast open networks and unlimited access to software where they're enabled to get productive. Then they show up the next day blurry-eyed, tolerating meetings, making it through until days-end when they can go home and, again, actually get real work done.

Surely there's a better way.

Rogue IT Under the Desk
Let's circle back to to the practice of putting a couple of PCs under a desk and sharing it. This is generally considered rogue. That is to say, it's not encouraged by IT. Why would this be? There are several reasons:

  • The PC takes up address space on the network, it consumes power, it's likely configured in a non-standard way, and is probably not being backed up.
  • If the person who built it were to vanish, it would take time and effort to figure out how it was configured.
  • Software installed on the PC might be unsanctioned or prohibited by IT.
  • Then, after the development/experimentation period is over, the process to move whatever was built on it to IT-supported servers is complex and unclear.
  • Finally, there's no way to charge-back for resources used.

Are These Valid?
Some of these are valid reasons, some are not.

First, let's discount the extra power required to run a couple of PCs under a desk. Compared to the average cost of a booth at a trade-show, I'll bet the cost of powering a few PCs is a round-off error of a round-off error.

Address-space on the network is similarly negligible. Sure, we're running out of public IPv4 addresses, but that doesn't apply on a corporate LAN where you can have all the addresses you need.

The remaining issues can be resolved with PaaS and some simple practices.

"Under-the-Desk" PaaS to the Rescue
With PaaS installed on an under-the-desk PC, there's less risk if the person building it leaves. PaaS is (or should be) trivial to install, so even if an existing cluster of under-the-desk PCs were to melt down and the original team responsible for it were to leave, it should take under an hour to rebuild it all again. (It's also worth noting that the under-the-desk solution will probably result in the person staying longer in the first place, as they experience less frustration than having to deal with a cumbersome ticketing system. Keeping your developers happy is a good way to reduce project turnover and results in greater productivity.)

The PaaS running under the desk is, for all purposes, exactly the same as the PaaS running in the data center or in the cloud so there is no unsanctioned software. The configuration is identical and moving applications from under-the-desk to the data center to the cloud is trivial.

The under-the-desk PaaS would have nothing extra on it except application code and configuration code, both of which should be stored in the SCM. Backups are no longer an issue, and the PaaS system would be a commodity, ephemeral, and from the viewpoint of the developer, precisely the same as the PaaS in the data center, or out in the cloud. So moving software from the PC PaaS to the cloud PaaS, once it's ready for prime-time, is trivial.

The only issue not addressed here is charge-back. But if charging internal users for IT is more important than innovation, retention, and software delivery, then we're done here. Please put down this blog and step away from the cloud.

BYOD on PaaS: Bring Your Own Data Center
An under-the-desk PaaS, compared with a legacy cumbersome ticketing system, brings power and flexibility to the development team. It brings a new meaning to the term BYOD, which typically involves bringing a personal tablet or phone into the office for corporate use. Now with Private PaaS, your device can be your data center.

And PaaS makes it possible. It could be argued that almost all IT innovation today is happening in the shadows of IT. Best to embrace it, with PaaS as the perfect enabler to make that innovation go even faster. Given the simplicity of getting started with a Cloud Foundry PaaS, it's trivially easy to prove out PaaS in a shadow IT framework and then move it into a more structured use once its value is evident. As it surely will be.

Download the free Stackato Micro Cloud and sign up for the 20GB license today and see how easy it is to try out your own "under-the-desk" PaaS.

The post Going Rogue with PaaS: Bringing Shadow IT into the Light appeared first on ActiveState.

More Stories By John Wetherill

Originally from Canada, John has spent much of his career designing and building software at a handful of startups, at Sun Microsystems, NeXT Inc., and more recently in the smart grid and energy space. His biggest passion is for developer tools, or more generally any tool, language, process, or system that improves developer productivity and quality of life. Without question, Stackato is one such tool and the reason why he is here. No stranger to technology evangelism, John spent several years in the late 1990's on Sun's Technology Evangelism Team spreading the Java Gospel across the globe and focusing on the prolific number of Java technologies. Now John is now returning to his roots, as a technology evangelist working for a Canadian company, albeit remotely from Santa Cruz.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

Latest Stories
Moroccanoil®, the global leader in oil-infused beauty, is thrilled to announce the NEW Moroccanoil Color Depositing Masks, a collection of dual-benefit hair masks that deposit pure pigments while providing the treatment benefits of a deep conditioning mask. The collection consists of seven curated shades for commitment-free, beautifully-colored hair that looks and feels healthy.
The textured-hair category is inarguably the hottest in the haircare space today. This has been driven by the proliferation of founder brands started by curly and coily consumers and savvy consumers who increasingly want products specifically for their texture type. This trend is underscored by the latest insights from NaturallyCurly's 2018 TextureTrends report, released today. According to the 2018 TextureTrends Report, more than 80 percent of women with curly and coily hair say they purcha...
The textured-hair category is inarguably the hottest in the haircare space today. This has been driven by the proliferation of founder brands started by curly and coily consumers and savvy consumers who increasingly want products specifically for their texture type. This trend is underscored by the latest insights from NaturallyCurly's 2018 TextureTrends report, released today. According to the 2018 TextureTrends Report, more than 80 percent of women with curly and coily hair say they purcha...
We all love the many benefits of natural plant oils, used as a deap treatment before shampooing, at home or at the beach, but is there an all-in-one solution for everyday intensive nutrition and modern styling?I am passionate about the benefits of natural extracts with tried-and-tested results, which I have used to develop my own brand (lemon for its acid ph, wheat germ for its fortifying action…). I wanted a product which combined caring and styling effects, and which could be used after shampo...
Steaz, the nation's top-selling organic and fair trade green-tea-based beverage company, announces its 2017 "Mind. Body. Soul." tour, which will bring authentic experiences inspired by the brand's signature Mind. Body. Soul. tagline to life across the country. The tour will inform, educate, inspire and entertain through events, digital activations and partner-curated experiences developed to support the three pillars of complete health and wellness.
The precious oil is extracted from the seeds of prickly pear cactus plant. After taking out the seeds from the fruits, they are adequately dried and then cold pressed to obtain the oil. Indeed, the prickly seed oil is quite expensive. Well, that is understandable when you consider the fact that the seeds are really tiny and each seed contain only about 5% of oil in it at most, plus the seeds are usually handpicked from the fruits. This means it will take tons of these seeds to produce just one b...
The platform combines the strengths of Singtel's extensive, intelligent network capabilities with Microsoft's cloud expertise to create a unique solution that sets new standards for IoT applications," said Mr Diomedes Kastanis, Head of IoT at Singtel. "Our solution provides speed, transparency and flexibility, paving the way for a more pervasive use of IoT to accelerate enterprises' digitalisation efforts. AI-powered intelligent connectivity over Microsoft Azure will be the fastest connected pat...
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
ScaleMP is presenting at CloudEXPO 2019, held June 24-26 in Santa Clara, and we’d love to see you there. At the conference, we’ll demonstrate how ScaleMP is solving one of the most vexing challenges for cloud — memory cost and limit of scale — and how our innovative vSMP MemoryONE solution provides affordable larger server memory for the private and public cloud. Please visit us at Booth No. 519 to connect with our experts and learn more about vSMP MemoryONE and how it is already serving some of...
Darktrace is the world's leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace's Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal' for all devices and users, updating its understa...
Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the mod...
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embr...
Platform9, the leader in SaaS-managed hybrid cloud, has announced it will present five sessions at four upcoming industry conferences in June: BCS in London, DevOpsCon in Berlin, HPE Discover and Cloud Computing Expo 2019.
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
When you're operating multiple services in production, building out forensics tools such as monitoring and observability becomes essential. Unfortunately, it is a real challenge balancing priorities between building new features and tools to help pinpoint root causes. Linkerd provides many of the tools you need to tame the chaos of operating microservices in a cloud native world. Because Linkerd is a transparent proxy that runs alongside your application, there are no code changes required. I...