CC: Mr. James Tuladhar
From: Pranab R. Shrestha
October 2nd, 2018
Subject: The Growing Problem of Shadow IT
The current system, although once upon a time, was the most effective, efficient and practical the days have certainly changed and is quite the opposite now. We all wonder what yield to this moment and sadly lack of foresight, unable to adapt ourselves to the technical advancement are the factor for our realization. I’m afraid to say many of us still will not see it as an “issue” for lack of the better words. I will lay out my grounds from three distinct point of view that will help us better understand and take actions accordingly.
1. Technology: The system has been obsolete in every regard. The Graphical User Interface (GUI) is not user friendly and adheres to the standard of ancient days, in technological world of course. A simple mundane task of searching for business goods, and placing the order is done via three outside vendor systems that are as ancient as they go. Given our system is a Commercial Off-The Shelf (COTS) product and one of the main reasons we came to this point is the original vendor that built has been out of the business, so we did not simply look into either a replacement or an updated version to this existing system. Time and again we simply ignored the solutions provided/suggested by our IT department and business just failed to take action on those.
2. Business: Due to the above-mentioned reason, the business side effect has been clearly bad to worse throughout the years. We will reach a point when no current system will house or support unless we invest heavily or get an outside party to do so, which will cost a fortune and the company will have no way of backing out. Either give up and retire the system that has been in use for this long or upgrade/modernize for lesser cost. The path we have in front is clear and I will leave it up to the executives to make the decision.
When a customer simply tries to execute mundane tasks via our current system, the amount of time for an ‘end-to-end’ execution is simply excessive in current technical standards. For example, it takes a user days to procure a simple office supply as a notepad through the system, whereas it should be in click of a button and the process will literally take 5 minutes the max. so you do not blame the customers for “cutting corners” to acquire their business needs, but the sole responsibility is on us as we failed to provide a system that reacts to the customer needs. It wastes time, money and unnecessary chain of command that signifies nothing but merely waste of time to procure an item. This should alone be the main factor on why we pursue a system upgrade.
3. Finance: In business world, time is money and all that we have been losing is just extraordinary. Think of all the time a customer is losing by not being able to conduct a business in a trusted system. An order that should take mere 10 clicks of a button takes days that involves three outside vendor systems, and internal chain of command for approval is simply unacceptable. All the time that’s wasted and money that will never be able to recover, unless we act on it now.
The upgraded system will allow us to adapt with current technologies saving money, resources and targeting customers as our priority. So, the business can work efficiently, effectively leading boost in productivity. Customers will have access to a simple, re-designed system that is visually appealing, user friendly and lightning fast. The system will route the approval process internally through the necessary and limited chain of command. As soon as the approval goes through, it will transfer to the external vendor who will provide us the services as the customers have required. Keeping this in mind I am putting forward a proposal for the use of Cloud Access Security Broker (CASB). This tool provides services between the company’s infrastructure (our current system) on the premises and cloud provider’s infrastructure. CASB will act as a gatekeeper, that will allow the company to extend its reaches beyond its security policies. They will simply have eyes beyond their infrastructure and will be able to control the data being accessed from both internal as well as external sources.
It ensures that “network traffic between on-premises devices and the cloud provider complies with the organization’s security policies. The value of cloud access security brokers stems from their ability to give insight into cloud application use across cloud platforms and identity unsanctioned use. This is especially important in regulated industries. CASBs uses the auto-discovery to identify cloud applications in use and identify high-risk applications, high-risk users and other key risk factors.” Another benefit of using CASBs is that every data that CASB collects can be used for the company’s monitoring system as well as for budgeting system.
CASB will acts as a mediator between the legacy data (that will still need to be utilized) with information gathered from the customers/employees and store it in the cloud. The cloud is the most safe, practical, cost-effective data solutions out there currently that provides numerous features like oversight, governance, data management, data mining etc. The capability of real time monitoring will bring huge benefits to the company. The data held will be only that of the company’s need and any other data that is of no value or no need to be archived will be deleted to make space for more data. But of-course will have a proper business process and approval based on the data needs and business needs for getting rid of any information that deemed obsolete. Data quality will be insured by the five method of data stored accuracy, completeness, consistency, uniqueness, and timeliness. This will insure the data to be accurate during the time of retrieval.
The company could access data to arrange the data from most important to least important and could get rid of the unwanted data that is just consuming space which could mean high cost for the company. Therefore, maintaining the data stored becomes very important to minimize cost. “The most direct cost to an organization with poor-quality EAM or CMMS data is an increase in maintenance costs. Asset-intensive companies typically spend between 5% and 10% of their annual revenues on maintenance. Reactive maintenance is two to five times more expensive than a planned and predictive approach. Planned maintenance based on accurate and reliable EAM and CMMS data can help to avoid rapidly escalating costs.”
Moreover, with the cloud the regular database patches, upgrades will be pushed by the vendor continuously for safety, features and reliability. We will draft a proper lifecycle for release, so we can accommodate these solutions provided to us by the vendors and we push it our systems as advised on time.
The old information system handled the data stored poorly because most of the data that was stored was in poor data quality. This was costing the company an approximately $500000 extra just to maintain the poor data quality. However, with the new system the data quality will be insured by CASB, which will store quality data, and this could be a beneficial to the company’s in terms of cost effective. CASB will provide the company with high quality data that will be stored according to the priorities and will assort the data and delete any poor data to save cost for the company.
Our current system is simply not capable of handling all the newest upgrades both from the application side and the hardware side. There are no upgrades to a mainframe (our current system) in technology today as it is one from 20 years ago. Most of the companies have moved away from the mainframes decades ago and have adapted to newer solutions. We can utilize the data that currently is in the system, but the GUI will change to a tool that offers similar options but much more capable with hundreds of new features and options to the customers. The hardware we will use will be current Fiber SAN servers and data storage with the latest networking fundamentals as routers, load balancers. The chance in technology has made it impossible for the old system inefficient and has not been able to keep up with the growing demand of data storage. However, the old system will be integrated with the new system by upgrading the system so that it continues to work with the latest technology and still hold the information that is in its system. Although the information that will be accesses will have to be manually it will still hold some of the important data information that are important to the company.
There are organization that has set their foot in the similar information system that has been upgraded and been working for the benefit of the company. In my point of view using CABS will help us not only to store quality data but it will help with the problem that we face with Shadow IT, which will be in the control of the IT department where they over see every data that is being accessed. The new tools will help the company to ensure the security threat against data theft and will keep the company’s information safe.