In every organization there are two ITs: the visible one that lies behind the veil of a help desk queue and ticket numbers, and the invisible one—the scattered tribe of go-to tech folks that are embedded within every team. In the beginnings of the internet, everything was “Shadow IT”. Every team had its own computer guru, unburdened by central oversight. As systems scaled, we traded agility for order. Now we have entered the modern era of centralized compliance and operational scalability, with one central IT help desk, a single CISO, and the illusion of singular control. Yet the reign of shadow IT will never end. Wherever there are digital systems for humans to use, there will always be a particular trusted, recognized person who must bridge the gap between the users and the infrastructure that empowers them.

When a team lacks its own technical advocate, one will inevitably emerge—whether it’s a seasoned practitioner or just the most computer-literate person in the room. No degree of centralization can eliminate the informal layer of expertise that keeps organizations functioning in the gaps between official channels. In other words, “shadow IT” is not something we must fight and resist. Shadow IT is not a governance flaw-it’s a law of systems: complexity naturally decentralizes itself out of necessity. It arises naturally in the vacuum left by centralization. Instead of abandoning, ignoring, or fighting it, we must foster it centrally, providing space for ingenuity and independence while guiding it through lightweight and transparent governance.

By embracing a collaborative model built with the unavoidable power of federation atop the unshakable foundation of a solid core, we can empower teams within an organization to drive their own success. We should strive to build a network of empowered advocates. Shadow IT isn’t an anomaly that we should fight; instead, it is the heartbeat of adaptation within complex systems. The people who embody it—the accidental administrators, the hallway troubleshooters, and the unsung tech whisperers present in every team—form what I call “the Invisible League of IT”.

The Invisible League of IT

There is a well-intentioned and highly effective push in modern IT to move everything into the cloud, offered as a Software-as-a-Service platform, paid for on subscription, and delivered as a web application. From a compliance perspective, you literally couldn’t ask for more. Data no longer lives on scattered endpoints; it lives in a single, protectable cloud workspace. Instead of defending a thousand laptops, compliance teams can focus on hardening one cloud fortress.

But this online-only SaaS web-based approach doesn’t scale everywhere. For example, my team and I work in some of the most incredible places on the planet. One of those places is Antarctica, where we operate science research equipment on the Ross Ice Shelf.

As you can probably imagine, we don’t exactly get high-speed fiber-optic internet access when we’re digging equipment out of the ice on the coldest, harshest, and most remote continent on the planet. On the ice, if it’s not offline, it doesn’t exist. Plans, notes, documentation, even the humble to-do list—everything must be accessible without internet.

To quote a famous tech optimist: “Nobody in their right mind will ever need to work offline!” Then again, this same school of thought said, “Nobody would ever need more than 640K of memory”. While you could argue that anybody who would voluntarily go dig holes in Antarctica is clearly not in their right mind, the point remains that the most well-intentioned SaaS policy will almost certainly fail to cover the needs of a team like mine.

When an overly centralized IT office mandates “All data must live in our chosen SaaS platform”¹ users end up fighting it not purely for rebellion’s sake, but because operational needs demand it. And the more abstract the policy, the more creative the workarounds must become. Workarounds like external hard drives that get lost or stolen, screenshots of sensitive data living on people’s phones, or in a one infamous case, an unpatched Plex server that became the doorway to a global password manager breach.

Abstract policy that ignores operational context demands creative workarounds by the people who actually use those systems.

When the system of policy and compliance fails to meet the needs of a small and localized team, someone inevitably steps up (or is hired to). They might not be on the formal IT payroll, but they make things work for that team, and that’s more important than anything. Yet where these individual IT practitioners embody the empathy necessary for a particular team, the centralized IT office sees only risk or non-compliance.

Make no mistake: this team and teams just like mine all over the world never got into this as a form of malicious non-compliance. We never said “Ahoy! We must fight compliance at every turn! Down with the central IT department!” This bypassing of the central IT department is almost never born out of rebellion but out of responsibility. Someone had to make it work and where a centralized IT office failed, the local IT hero succeeded.

When policy fails to meet human context, The Invisible League of IT steps in to restore balance to the digital universe, not out of chaos, but out of the natural self-healing property of complex systems.

The Law of Complexity

(or, Why Human-Centric IT is Important)

One of the most fascinating aspects of system design is decomposing complex problems into lots of tiny and simple problems. How does nature build a tree? Not by crafting a perfect, centralized core, but by growing millions of tiny cells, each with its own purpose. Some draw nutrients and anchor the trunk in the soil. Others form the rigid structures that let it rise towards the sun. Still others become leaves, transforming sunlight into sugar. If the trunk tried to handle photosynthesis, it would be a disaster, and leaves aren’t much good at pulling nutrients out of the ground.

We see the same law in all complex systems; they naturally decentralize themselves out of necessity. A bone cannot be a muscle, a phone cannot be a laptop, and the central team responsible for policy and oversight cannot possibly dictate universal standards to which all ten thousand employees at an enterprise must adhere. It makes sense that the oversight team will always overlook something. Abstraction makes it possible to establish some broad norms, like “everyone uses Outlook” or “we meet on Zoom.” But no matter how good the policy or how expensive the platform, there’s always a team whose needs don’t neatly fit.

Federated IT practitioners are not threats to compliance; they are its living expression.

A large enterprise is a complex system unto itself, and human-centric IT means accepting this truth and designing within it. The Invisible League of IT is the expression of this truth. Every team deserves its own skilled technical advocate—someone who understands their domains, their pressures, and their practical implementations. Whether that person is a central IT liaison or simply the team’s official technologist, they are the connective tissue between people and policy. The goal of central IT should not be to eliminate these local experts, but to recognize and empower them as extensions of the core.

Federated practitioners are not threats to compliance; they are the living interface between governance and reality. The Invisible League of IT is the network of humans who translate governance policy from words on a page into real-world context, keeping both agility and security alive where pure centralization would fail. Healthy IT ecosystems balance a strong trunk with countless thriving branches—not by pruning what dares to grow, but by giving it the nourishment and structure it needs to flourish.

Building a Culture of Partnership

“Kyle,” you say, “all this sounds great. This would make for some really great blog content. But how do we make this real?”

We make this real by shifting from a culture of “oversight and diktat” to a culture of partnership. This begins with two things often missing in enterprise IT: transparency and trust. Trust must flow both ways in a positive feedback loop. Central IT must believe in its distributed practitioners, that they can build and maintain secure, compliant systems without constant supervision. And in turn practitioners must trust that central IT will act as a partner, not a gatekeeper—enabling the success of distributed IT, not policing it.

Right now, both central and shadow IT live in fear: shadow IT fears that central IT will realize just how much they don’t manage, and central IT fears the risk by what they don’t manage. The only path forward is to replace mutual suspicion with mutual responsibility—a culture of partnership where both shadow and central IT work together to move fast and stay safe.

The culture of partnership begins with visibility and trust.

We begin with visibility and trust. The Invisible League of IT must be made visible: formally recognized in org charts, in budgets, and in briefings. Central IT can build ambassador programs, open communication channels, and form mentorship networks that link distributed practitioners with each other and with core IT teams. These bridges begin to transform “shadow” work into partnership, giving local advocates the authority and resources to do things the right way.

Visibility and Trust: planting the seed of partnership

Here are a few concrete things that you can start this week to begin building the culture of partnership:

1. Host regular IT Conferences for the entire organization, bringing together central IT and every embedded technologist from across the enterprise under one roof. Make it mandatory and rare, a no-more-than yearly conference in which you can expect to see everyone who does computer things. Create spaces to meet and socialize with other IT people as well as discuss the goals of independent teams (not just the central help desk teams!). Build community (not bureaucracy) one shared event at a time. And remember that it should feel more like a convention: the point is to get IT people to talk to each other, not listen to a 6 hour presentation from the CISO about alignment. If you’re a central IT team: create a speaker list that contains no more than 1 person with “Chief” in their title, and no more than 3 people from the central IT office. Try to find presenters who work in shadow IT, and the help desk, who can share with the enterprise the brilliant solutions they’ve found to real-world problems.
2. Establish a platform for shared internal IT knowledge. Often, an org will find itself with two distinct teams, who are each deploying and managing the same platform independently of each other. HR and IT both need a ticket platform. The College of Engineering and the College of Computer Science both have a tool for scheduling conference room use. The dev and ops teams both use Jira, but pay for them independently! The solution to this problem was thought to be centralization, but I propose that a far more effective solution is actually a shared easy-to-use knowledge base. Give everyone who’s involved in IT, both central and shadow, access to this knowledge base. Rather than dictating “We must all use Jira!”, give teams the ability to discover organically that they’re not the only ones using a platform, or that another team is using a different platform more successfully.
3. Create a dedicated Slack channel for no-consequences shadow IT talk. Now I of course mean “no consequences within reason”, but there should be a dedicated space for the various distributed “shadow” IT practitioners to chat and discuss the things that are working well, things that aren’t working well, or just get support for things that fall a little bit outside the realm of central IT without the fear that central IT will barge in and demand that these systems and practices be shut down immediately. Create a dedicated space for conversations like “does anyone have experience administering doku-wiki” or “is there a better way to bypass our VPN’s split tunnel restrictions when the connection drops mid-deploy?” Compliance people, learn to scream as you witness the breadth of what goes on outside of central IT, but let these discussions happen. This is where real growth begins, when all the various shadow IT people get to share their experience and expertise with the rest of the shadow IT people, and provide that back into central IT.
4. Governance should define outcomes, not dictate tools. The goal is to provide a way for shadow IT to report back to central IT “This is what I’m doing, this is why my team can’t do it any other way, and most importantly, this is how I’m continuing to protect the enterprise and my team as I deploy this app/system/tool.” Enforcing a particular solution by deciding that since most people use XYZ Ticket Platform, everyone must now use XYZ Ticket Platform instead of Jira, UVDesk, or Freshservice is foolish. Instead, give teams room to innovate responsibly, and you’ll never have to pray that nobody’s quietly using TeamViewer again.
5. Onboard all shadow IT employees as if they were central IT employees. When onboarding any employee who will do IT work, whether that’s central or shadow, treat them like part of the IT department. Sign the admin agreement, take the trainings, meet the people. Introduce all IT people to key systems, tools, concepts, and people within the central IT department, even if they’re going to be primarily part of the team working remotely in Antarctica. Don’t stop at compliance officers and help desk leads—introduce the team to peers across both central and distributed IT. That’s how collaboration starts.
6. Don’t equate cost-savings with governance. Yes, saving money matters. But remember my earlier story of working in Antarctica: all the cost-savings and cloud consolidation in the world won’t meet every use case. The purpose of centralized governance should not be “save money at all costs to the exclusion of every other priority.” Instead, governance should try enhance security, reduce risk, cut costs, and importantly must remember the disparate needs of the many departments within the organization. Cut costs, not context. The cheapest policy can become the most expensive when it fails the people who actually use (or work around) it.

Shifting the culture from management to partnership

Culture isn’t built on policies; it’s built on habits—small, regular acts that reinforce trust and shared ownership. The steps above aren’t a comprehensive checklist, but a framework for nurturing these habits. Using these, and other practices that fit your organization’s needs, you can begin your journey toward true culture of partnership in IT. Move past the idea that everything with a power cord belongs under central IT administration. Instead, adopt a framework in which each team has a responsible IT advocate: a dedicated practitioner with the skills and scope to manage IT for the team with support and guidance from the core IT team.

Cut costs—not context.

Central IT should almost never dictate which platform or tools everyone must use across the enterprise. Top-down decrees only drive users to engineer backdoors and risky workarounds The role of central IT isn’t control—it’s cultivation: building the framework that lets distributed experts work freely, securely, and in alignment with the enterprise’s goals.

Remember: partnership isn’t a policy, and it’s not something you can do once and move on from. It’s a practice that you must cultivate and strive for. Aim to build a network that transforms the Invisible League of IT into a network of skilled experts across your organization. Don’t stop at building your digital network—make it human, too. Because at its heart, partnership is about people—and every system we build should serve them first.

Human-centric Computing at Scale

There’s an old quote—I don’t remember where I first heard it—but it’s so critical to anyone working in IT to remember: Business needs must drive IT operations, never the other way around.

Business needs must drive IT operations, never the other way around.

Save it, print it, write it on your wall, paste it to the top of your Grafana dashboards, and never forget it. Because this idea sits at the very heart of system administration. I certainly believe that the absolute core of IT is to empower the excellent work that is done by real humans in our organizations. If we spend too much time chasing abstract goals like “clicks per campaign” or “CPU utilization curves” we forget the whole point of all this technology: it’s a tool to help people do great things.

When we make technology an end unto itself, when we say “we must make AI for the sake of achieving the singularity” we forget who this is all for. IT is for Alice and Bob. IT is for the humans who sit at the customer service desk and listen to angry customer complaints. IT is for the HR department who wrestle with archaic payroll systems. IT is for research groups, professors and students, people who dig holes, engineers, builders, tailors, sailors and pilots, chefs and waiters, astronauts and truck drivers. IT is for humans.

As we design the next generation of IT, as we reconcile Shadow IT with centralized compliance, we must build a future that is federated, secure, and above all, human-centric. A network of trusted professionals within an enterprise who protect both people and systems. Let’s stop thinking about “shadow IT” as something to eliminate, and instead evolve towards “distributed IT advocacy”. Because the center of IT isn’t centralized IT, and it shouldn’t be living in the shadows. IT lives among people, IT works in our teams, IT is part of our meetings, and IT helps real humans to shine.

IT is for humans.

What next?

Shadow IT and central IT were never truly at odds with each other. Recognize the duality of the two—the human and the institutional, the adaptive and the accountable. When they work together, organizations gain all the benefits of both worlds: agility without chaos, compliance without stagnation, and uniqueness with uniformity. The culture of partnership turns oversight into collaboration, silos into federations, and reminds us that the strength of an enterprise lies not in who controls the tools, but in how we use them together.

When your IT team trusts each other to share in the work of protecting and empowering your enterprise, you can abandon the idea of “shadow” and “central” IT. Drop the qualifiers. It’s just “IT”.

---

About the author

Kyle has been working in IT for over a decade, in small teams and massive enterprises. He prefers small teams, where you can do away with abstraction and really focus in on the real needs of every day people.

Like what you see?

Support my work by giving to your favorite charity or by adopting a puppy! Unfortunately, you probably can’t afford to hire me, but you can check out my resume if you’re curious.

Footnotes

1. To be clear, this story is a little exaggerated. In my particular situation, we actually have awesome collaboration and support from our central IT office and a realistic and highly workable and secure solution. But perhaps you recognize these sorts of diktats from on-high, or have even made them yourself? ↩