CoIT: An IT Nightmare?

the screamFor the average worker, it might seem like a dream come true. However, I suspect that some information technology folks consider it a nightmare. What’s the issue? The advent of the consumerization of IT; something Scott Finnie calls “CoIT.” Dion Hinchcliffe describes the elements of  CoIT in the following way:

1) businesses taking more local control for IT, 2) workers using their own preferred computing devices and apps, and … 3) manageable processes for rapid uptake of enterprise apps, mashups, and devices matched with IT support processes that scale to match.

While this may not seem an ideal scenario for the traditional IT department, it most likely is within the limits of what can be tolerated.  However, what happens when the business gets “carried away” and starts driving IT initiatives? Here’s Dion Hinchcliffe’s explanation:

The overall trend towards ad hoc adoption of personal and cloud technology at work seems to be inexorable. More and more IT is moving out from under the CIOs budget, just over 30% by some estimates. Perhaps most disruptive of all, however, is the sudden appearance of extremely stiff competition for IT services. While the move to self-service IT in general has been a steady trend for a decade — and which is starting to be called CoIT — it’s the outright diversion of business budgets directly to external IT providers, whether they are the newer SaaS vendors and app developers or the more traditional IT consulting firms and VARs. In short, the business likes the selection and service it’s getting elsewhere, and routing around IT in many cases. [emphasis added]

Suddenly, we have a situation in which the IT department no longer is in complete control and may well have trouble imposing a locked down computing environment.  Now, if you’re working in the financial or legal services industries, consider what happens when you couple the move to CoIT and external IT providers with growing incursions by hackers. According to a recent report in Bloomberg News, there’s been disturbing hacker activity directed towards law firms lately:

Over a few months beginning in September 2010, the hackers rifled one secure computer network after the next, eventually hitting seven different law firms as well as Canada’s Finance Ministry and theTreasury Board, according to Daniel Tobok, president of Toronto-based Digital Wyzdom. His cyber security company was hired by the law firms to assist in the probe.


`As financial institutions in New York City and the world become stronger, a hacker can hit a law firm and it’s a much, much easier quarry,’ said Mary Galligan, head of the cyber division in the New York City office of the U.S. Federal Bureau of Investigation.

Galligan’s unit convened a meeting with the top 200 law firms in New York City last November to deal with the rising number of law firm intrusions. Over snacks in a large meeting room, the FBI issued a warning to the lawyers: Hackers see attorneys as a back door to the valuable data of their corporate clients.

To be honest, I don’t envy law firm IT directors.  They are faced with the difficult task of imposing stringent security measures even as they watch their internal clients scurry out the door, exercising their right to choose their own IT tools and chasing self-service IT as a means to get out from under the control of their organization’s IT department.  While security concerns have often trumped other considerations in the past, it will be interesting to see if the newly emboldened  IT consumers will insist on using their preferred devices and self-service IT despite heightened security concerns.

It’s a nightmare scenario, coming to an IT department near you — soon.

[Photo Credit: Terry Freedman]