iStock tech

Shadow IT is not a serious threat to organisations - merely a disruptive influence on the old broken model of IT departments as a supplier to the rest of the organisation, according to a CIO panel.

Speaking at the CIO UK Big Conversation on Retaining Control of the IT Strategy, Centrica CIO Rod Carr said Shadow IT was really just a way of people solving their own issues.

"Do we have technology at Centrica I'm unaware of? Of course we do," Carr said.

"But am I bothered about that? Not so much. If I've got people who want to go out there and kill their own food, solve their own problems I won't stop them."

CIO 100 member Carr said that customer data and its oil exploration side were a "sacrosanct privacy issue" for the utilities company, but that culture, leadership, and a mixture of the carrott and the stick can help as well.

"We're very strict around customer data," Carr said. "There are simple rules about what you can and can't do with data, and if you can't follow them you get fired.

"There are technological and non-technological solutions to these problems. When we catch them we fire them; and sometimes we prosecute them too."

The panel also featured CIO UK columnist Matt Ballantine and EMEA vice president of enterprise sales at Box, Ian Pollard.

Ballantine said that the old model of IT departments being the technology supplier to the rest of the organisation is broken and long gone, and that Shadow IT has always existed and actually fuelled innovation, whether it was a pet server under someone's desk or the earliest adopters of Microsoft Excel spreadsheets and Acccess databases.

"If people aren't doing it already it's either not a good idea, you don't need it, or there's a serious regulatory barrier stopping you from doing it," Ballantine explained.