Rogue IT decision for the future?

I recently read this article recently about how this CEO had fallen head over heels for his iPad, the marketing team has set up shop on every social media site known to man, the sales group has secretly purchased its own software-as-a-service subscriptions and the VP of operations decided to run its supply chain on the cloud.

He called this Rogue IT. I don’t know if that is the right name for it, but I think something really big is happening in IT, with little and big companies of all types.

The whole world, it seems, is going rogue;-)

We have been using PC’s for decades, and the tablets, laptops and smartphones are really just portable computers running different types of operating systems and programs/apps. Companies have been using computers in a controlled and stable environment, but effectively these systems use the same operating systems and programs/apps.

So this is kind of the question I have concerning this and our computers, tablets, smartphones:

Companies are made up of people, infrastructure and products/services – the IT departments are there to provide the infrastructure that best fits the company and the people working there – so shouldn’t BYOD, consumerization of IT and the rise of the cloud be something that IT departments embrace?

I can understand that IT have real and very legitimate security fears about BYOD, the cloud and program/app control – but doesn’t the basic business reality of competition dictate that they must allow the employees to choose what they need to best perform their work?

The example I can give is that at our hospital, the IT department issued their BYOD policy which stated that nobody could text or email any hospital or patient info from their own devices. This was actually something started back a few years ago. The thing is that the doctors were texting patient info all the time, to other doctors and admin. Eventually, one of the doctors found out about some of the HIPAA fines for text messaging, and did his own research an got an app that allows for HIPAA compliant text messaging (Tigertext) . He got all the doctors and admin to start using it. The funny thing is that the IT department was the last to find out. At that point, they had no choice to accept it, and make it part of their BYOD policy.

So, I just wanted to through this out there to see what you think about this Rogue IT movement. Is this the future of IT, where the employees determine the business tools, and IT makes it official and secure?

Or, should IT crack down on any kind of IT decisions that are not made and controlled by them?

I want to go to IT and work with them on some other apps and further developing the BYOD policy, but I wanted to get any thoughts or input on this subject before I do.

Does anyone have any good experience on this that they can share?

 

That's the type of situation where the big boss should get both groups together, hear both of their positions, and implement a policy that takes care of the needs of both, before it becomes an internal power struggle.

 

The answer totally depends on the business.

In environments where regulations mandate certain security measures, then the requirements will drive the BYOD policy.

If the management sees security as an obstacle to getting work done, then the "rogue IT" movement will eternally win. In environments where the security team understands that they have to serve the business, then there can be a happy balance.

 

BYOD is better renamed Buy Your Own Malware, for Android devices anyways.