惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Simon Willison's Weblog
Simon Willison's Weblog
G
Google Developers Blog
Spread Privacy
Spread Privacy
I
InfoQ
V
V2EX
S
Schneier on Security
小众软件
小众软件
C
CERT Recently Published Vulnerability Notes
博客园 - 聂微东
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Stack Overflow Blog
Stack Overflow Blog
T
Threat Research - Cisco Blogs
L
Lohrmann on Cybersecurity
Recent Announcements
Recent Announcements
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Attack and Defense Labs
Attack and Defense Labs
云风的 BLOG
云风的 BLOG
The Hacker News
The Hacker News
S
SegmentFault 最新的问题
C
Cybersecurity and Infrastructure Security Agency CISA
NISL@THU
NISL@THU
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
GbyAI
GbyAI
Latest news
Latest news
S
Secure Thoughts
Project Zero
Project Zero
MongoDB | Blog
MongoDB | Blog
I
Intezer
Security Latest
Security Latest
Apple Machine Learning Research
Apple Machine Learning Research
Vercel News
Vercel News
N
Netflix TechBlog - Medium
V2EX - 技术
V2EX - 技术
量子位
T
Threatpost
T
The Blog of Author Tim Ferriss
Y
Y Combinator Blog
T
Tor Project blog
A
Arctic Wolf
Microsoft Security Blog
Microsoft Security Blog
T
The Exploit Database - CXSecurity.com
大猫的无限游戏
大猫的无限游戏
T
Tailwind CSS Blog
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
C
Check Point Blog
博客园 - Franky
Google DeepMind News
Google DeepMind News
The Register - Security
The Register - Security
The GitHub Blog
The GitHub Blog
L
LINUX DO - 热门话题

Tim Wehrle

I Stored a Website in a Favicon Good Work Doesn't Speak for Itself The Microservice Overdose What if I stored data in my mouse
Maybe Shadow IT Is a Symptom
2026-06-17 · via Tim Wehrle

I recently heard from a colleague who built a small web application with Google AI Studio.

It wasn't a big project. He was annoyed by a repetitive task, so he spent a few hours building a tool that made his workflow much easier.

To be honest, I liked it.

It's satisfying to see someone remove a piece of friction from their day instead of just complaining about it.

The funny thing is, he wanted to share the tool with a colleague.

So he sent him the source code.

He was happy with that. His colleague would open it and everything would work just like it did on his machine, with no extra steps. 

Of course, it didn't.

I don't think he had really thought about what was happening behind the scenes. I mean, why would he? The app worked. The problem was solved. That's usually where people stop thinking about software.

He realized that there's a difference between software that works for one person and software that works for multiple people. Yeah, for people who know what they're doing, this was pretty easy to see coming.

I liked his approach to the problem, though.

A few hours earlier, he was struggling.

A few hours later, he had found a solution.

The more I thought about it, the more it reminded me of discussions about shadow IT. For those who aren't tech-savvy, it's basically a term companies use when employees start using their own software, tools, or processes without going through the IT department.

Which, if I'm honest, is pretty much what my colleague had done.

People often ask why employees keep building their own tools, spreadsheets, scripts, databases, and now AI-generated applications.

But I'm not sure that's the most interesting question.

Most people don't wake up wanting to maintain software. They don't dream about version control, backups, access management, support requests, compliance reviews, or documentation. Well, maybe someone dreams about documentation, but I've never met them.

People usually just want to get their work done.

Some people will (understandably) do it themselves if it seems faster than going through the official process. I'm not a fan either. It's frustrating to wait for a simple process to finish (and then there are 20 more of them).

That doesn't mean the IT department is wrong, though.

As soon as my colleague tried to share his application, he ran into the kind of problem IT departments are supposed to solve.

How does someone install it?

Where does it run?

What happens when it breaks?

Who maintains it?

What happens when the person who built it leaves?

None of this was an issue when it was just his personal tool. But as soon as someone else wanted to use it, the answers suddenly mattered a lot.

That's probably why I have a hard time seeing shadow IT as the real problem.

It often feels more like a symptom.

People don't build their own solutions because they secretly want to become software developers.

Most of the time they build them because waiting feels more expensive. Maybe not financially. But in terms of time, frustration and actually getting work done.

The department wants a solution now.

Meanwhile, IT wants security, governance, maintenance, support, backups, access controls, and all the other boring things that only become important after something is successful.

Both sides are acting rationally.

They're just focusing on different things.

One side is trying to solve today's problem.

The other is trying to make sure today's solution doesn't become next year's problem.

Maybe that's why shadow IT never really goes away.