The IT department I joined fifteen years ago doesn’t exist anymore. Back then, IT controlled everything. Want to install software? Put in a ticket. Need a new laptop? Three-week approval process. Want to access a cloud service? Good luck with that, we don’t do cloud.

That model is dead. It died slowly, killed by shadow IT, cloud services with credit cards, and business units that decided they’d rather ask forgiveness than permission. What’s replacing it is messier, more distributed, and honestly, probably better.

How Control Slipped Away

The traditional IT operating model was built on scarcity and control. Compute resources were expensive, so IT rationed them. Software required physical installation, so IT managed it. Data centers were complex, so IT ran them.

Then cloud services arrived. Marketing didn’t need IT’s permission to sign up for HubSpot. Sales could start using Salesforce with a credit card. Finance discovered Xero. Every department found SaaS tools that solved their specific problems, and they were good tools, often better than anything IT could have built internally.

IT’s response was predictable: “No.” Security concerns. Integration issues. Compliance risks. Lack of support resources. All valid concerns, but they didn’t matter because the business had already made the decision.

I watched this play out at three different companies. IT would discover that marketing had been using some analytics platform for six months. By the time we found out, they had built workflows around it, trained their team, and integrated it with other systems. Shutting it down wasn’t realistic. We’d scramble to retrofit security controls and hope nothing broke.

The New Model: Distributed Technology Ownership

What’s emerging is something different. IT is shifting from being the gatekeeper to being the enabler and guardrail setter. Business units own their technology decisions. IT provides platforms, sets security policies, manages integration patterns, and handles shared infrastructure.

At our company, marketing owns their MarTech stack. They choose the tools, manage the budgets, and handle vendor relationships. IT provides the identity management integration, monitors for security issues, ensures data flows correctly into our warehouse, and steps in when things break in ways marketing can’t fix.

This works because marketing understands their problems better than IT ever could. They know which features matter, which vendors are credible, and how the tools need to work together. IT trying to make those decisions always resulted in suboptimal outcomes.

What IT Still Controls

Certain things have to remain centralized. Identity and access management is one. You can’t have each department running their own authentication systems. Security monitoring and incident response has to be centralized. Network infrastructure, core data platforms, and enterprise-wide systems like ERP and HRIS require central management.

The line isn’t always clear. Is the customer data platform a marketing tool or central infrastructure? Is the data warehouse owned by IT or by the analytics team? These questions require judgment calls based on your organization’s structure and capabilities.

My rule of thumb: if more than two departments depend on it, IT should probably run it. If it touches customer data, payment information, or regulated data, IT needs to be involved in governance even if we don’t run the system day-to-day.

The Skills Gap

This transition requires different skills from IT professionals. The traditional IT generalist who could troubleshoot Windows, manage network switches, and maintain servers is less valuable than they used to be. Cloud providers and SaaS vendors have automated or absorbed those tasks.

What’s needed now are people who understand integration patterns, API design, security architecture, and data flows. When the Team400 team worked with us on an automation project last year, half the value was teaching our team how to think about these problems differently.

IT also needs more business acumen. If you’re enabling business units to make their own technology decisions, you need to understand their problems well enough to guide those decisions. That requires IT people who can talk to marketing about customer journeys, discuss financial processes with the CFO, and understand operational workflows.

The Hard Parts

This distributed model introduces complexity. Instead of managing 50 IT-approved applications, you’re now governing 200 tools across the organization. Visibility becomes harder. Cost management gets complicated. Security surface area expands.

You need better tooling. We use Okta for single sign-on across everything, which gives us visibility into which services are actually being used. We have a cloud spend management platform because AWS bills across 30 different accounts are impossible to track manually. We mandate that all external services integrate with our logging infrastructure.

You also need cultural change. IT has to stop saying “no” reflexively and start asking “how can we make this work safely?” Business units need to stop hiding their technology decisions and start involving IT early. Neither side naturally wants to work this way.

Making the Transition

If you’re still running IT like it’s 2010, here’s how to start evolving:

First, inventory what’s already out there. You probably have way more shadow IT than you realize. Make the list non-punitive. You’re just gathering information, not shutting things down.

Second, create an approval process that takes days, not weeks. The reason people bypass IT is because IT is slow. If you can give a yes or no answer in 48 hours, most people will ask permission.

Third, build self-service platforms where possible. If developers can provision cloud resources through an approved portal instead of waiting for IT, they’ll use the portal. If business analysts can access data through a governed data catalog, they won’t ask for database credentials.

Fourth, invest in observability. You can’t manage what you can’t see. Log aggregation, API monitoring, cloud asset management, and usage analytics are essential.

Is This Better?

Honestly, yes. The old model was slower, less innovative, and created adversarial relationships between IT and the business. The new model is messier, but it enables the business to move faster and makes IT more strategic.

I spend less time saying no to Salesforce integrations and more time designing data architecture. My team spends less time resetting passwords and more time building automation. That’s a better use of everyone’s time.

The traditional IT department is dead. What’s replacing it is more complex, more distributed, and requires different skills. But it’s also more aligned with how modern businesses actually work. That’s progress, even if it doesn’t always feel like it.