This was the key question that was set at the off site IT management meeting of a global business a couple of weeks ago. I had the pleasure of attending as a guest speaker and was delighted to see this question come up as a working topic. It is, in a single clear question, the crystallisation of why I have devoted so much recent Blog time to ‘new’ user based technology. The new universal literacy for those less than 30 years of age is technology. They have grown up using a wide variety of devices and software without even realising the degree that this has made them what I now hear called Generation C. This group is the basis for increasing social study, the C is defined as ‘Content’, ‘Complex’, and ‘Connected’, but overall in the context of IT provision in a business the key word that comes from these traits is ‘Participation’. Generation C believes that all technology, whether internal or external, is ‘infrastructural’, and it is their role and right to decide how they will personally use to construct ‘applications’. I have used both these terms in the traditional IT sense to make the point clear. On a generation C website is the statement; ‘we are not the generation that will be affected by the world, but will change the world’, that seems to sum up a Generation C mindset. My recent blogs have focussed on the new technology, and its uses, for the simple reason that I firmly believe this is going to be the issue that IT professionals are going to have to come to terms with. Just as the CIOs predecessors, the Data Centre managers, had to come to terms with IT replacing Computing; remember what happened? The PC started in Business as a personal user based tool, and increasing user, and then departmental, adoption drove the revolution from Computation Services to Information Services. My concern has been to highlight how these issues are growing with more and more people getting involved. Many CIOs I speak to acknowledge that they have increasing amounts of ‘shadow IT’, the term for unauthorised, parallel IT activities, but hope that by refusing to acknowledge its existence they will not be held responsible. Well it didn’t work last time for the simple reason that the Business Managers decided that PCs, and Networks, offered them a new kind of business benefit that justified their adoption, and I can only see examples of the same thing happening again. In the beginning the problems were low and the issue could be ignored, but after a few years the unmanaged expansion in the use of PC technology caused at board level major problems, leading to the introduction of the CIO to control the use of information. Its time to acknowledge that this shift is under way, and to ‘manage’ the successful introduction, and that means setting out clearly the responsibilities and ownership of ‘role’ based activities around ‘content’, versus enterprise based procedures around ‘data’. Not an easy task if approached in a pure technology manner, so may be we need to re read the Human Resources handbook for some ideas on the definitions of responsible behaviours. Many have surprisingly clear definitions on personal and corporate matters. A look at Wikipedia provides an interesting starting point to construct at least the beginnings of a workable policy.