When an organization is growing rapidly, IT teams often see a proliferation of third-party apps. But how do you manage and evaluate those third-party apps, especially if your company has thousands of employees? Brandon Williams, Director of Google Operations for the State of Colorado, provided some innovative tips and insight.
Learn More from Brandon
To hear how Williams did it for the State of Colorado, watch the video above.
Shadow IT is A Report Card, Not Necessarily a Danger
First, Williams ran a list of all of the applications that had been authenticated into the system. To do so, he used BetterCloud (specifically, the Third-Party Apps Audit feature) and used the tools in Google’s control panel reports to look at third-party app installs.
“We were surprised at the number. You look at them, and there’s thousands—hundreds of thousands—of applications on the web. No IT shop can track all of those that are in play,” he said.
“When we started talking about it, it became really clear–both to security as well as us—that this was not necessarily a threat. This was a report card that our users were giving on IT. [They were] saying, ‘I need this to be able to do my job better.’”
App Review Friday is Born
So Williams’ team took that information and asked themselves how they could facilitate that.
The result: A creation called App Review Friday.
“We wanted to tell our users, ‘Hey, we’re acting on this. You give it to us, we’re going to take a look at it every single Friday and we’re going to authorize applications and get them to you to be able to use.’ We were actually tracking them centrally, instead of just saying, ‘No, you can’t have access,’” he said.
Empowering Employees to Do Their Jobs More Effectively
“We worked with the security office to come up with a two-step process. My team does a functionality assessment on an application, and then we work with security to make sure that the application meets all the applicable standards,” said Williams.
“As a result, we created a process that’s very free-flowing and very rapid response. It gave a structure to something that was really scary and daunting, initially.”
Identifying Trends in the Types of Apps
“Probably the most interesting thing [to come] out of it was that we started to see trends in the types of applications that were being requested,” said Williams. “As a result, that gave us an opportunity to look at applications in the environment and select those that we thought were best practices or most recommended.”
He added, “We have seen tools that we never would have envisioned coming into government—not only being deployed, but being proliferated and being used in some incredibly creative ways to get our jobs done better.”