Editor’s Note: As more businesses begin to embrace citizen development here is a look back at an October 2015 interview with Mark Driver, a Research Vice President in Gartner’s Technology and Service Provider division, on how to enable citizen development in your organization.
In his August 2015 report, Citizen Development is Fundamental to the Digital Workplace, Mark Driver suggested that as employee digital dexterity grows, more individuals and teams will develop their own, increasingly complex applications – with both positive and negative implications for organizations.
Driver said that the enterprise must actively encourage citizen development rather than try to shut it down. Ideally, citizen development should be part of a broader workplace strategy to boost employee engagement, he said, and policies and procedures must be put in place to ensure that it operates smoothly.
His recommendations included defining the domain of citizen development efforts to be enabled and managed under enterprise IT guidelines and establishing criteria to identify and monitor more critical citizen development activities.
I recently had the opportunity to speak with Driver about the different areas of interest from our readers around citizen development – namely: security, infrastructure, and starting from scratch.
I wondered how organizations maintain secure IT infrastructures while encouraging citizen development. Driver shared my view that security is a major challenge.
Most companies he’s observed are not doing a particularly good job of it, struggling mightily with issues of governance and control. Citizen development is inherently risky because data that’s managed in a variety of disparate locations is more vulnerable. For instance, someone could put a million Social Security numbers on a laptop that’s left at the airport.
According to Driver, programs involving a true partnership between IT, the citizen developers, and end users are more secure, because unlike in the case of shadow IT, there is greater transparency.
He also mentioned that security issues related to citizen development tend to be very context sensitive, with everything written in pencil. The amount of governance that’s required really depends on the level of integration with enterprise services.
On a related note, can citizen development happen on any platform or does it need to occur within the confines of the established IT infrastructure?
Contrary to popular belief, citizen development has been going on for decades with some degree of friction between corporate IT and business unit developers. But according to Driver, there was a natural limit to how bad it could get because you couldn’t just slip in a purchase order for a $40K server. IT groups were aware of development efforts even if politics tried to keep them out of it.
Now, though, with the opportunity of SaaS and the cloud, there is a wide range of tools available to citizen developers. It’s cheap and easy for anyone to build an application, and the truth is, IT wants to hand over some of the more basic application development responsibilities to the business unit. Like anyone, CIOs just don’t want to be surprised.
Starting from Scratch
So how do you institute a citizen development program where none has existed before?
It’s all about education and lots of it, Driver said. You have to get all of your stakeholders together, make sure everyone understands the motive and the opportunity, and create a policy that outlines the required people, processes, and technologies for different types of projects.
Be prepared that IT governance and oversight will likely vary depending on an application’s complexity and scope, and a process that starts in a business unit may need to eventually transition to IT.
Establish a liaison between core IT and the business unit and keep an open line of communication. Your goal should be to promote partnership at all times so that you avoid the shadow IT phenomenon and keep everyone on the same team.