To centralize or decentralize? That’s a question many IT administrators and managers have wrestled with. On the one hand, taking a more hands-on approach to managing technology use in the organization can streamline processes, improve security, and ensure more consistent policies. But doing so can also create IT bottlenecks, overwhelm tech teams, and reduce employee autonomy and job satisfaction.

As AccessOwl found when we spoke to several IT experts at startups recently, the sweet spot lies somewhere between the two models. In this way, IT still has a say over purchasing and provisioning/deprovisioning software, but might leave individual teams to manage the rest.

The case for centralized control

Peter Fallowfield, IT Support Manager at Solidatus, makes the case for closer IT control over SaaS tooling. He argues that the onboarding experience works better for new starters that way.

“When I first started, HR kept chasing me about new starters. I think it's because, before I started there, they hadn't had these things set up, and were having bad experiences on people's first days,” he explains. “It's good to make sure that new employees have that good experience with IT on their first day, because it kind of gives you a general impression of what the company is going to be like.”

Lukasz Jaroszuk, Certified IT Manager at Kaia Health, adds that centralizing IT can be a powerful way to break down problematic organizational silos, improve visibility into what tools are being used, enhance standardization of those tools, and ultimately save the company money.

“We were literally going to people in departments and asking, ‘what tools are you using?’ Because no one knew. We found out the hard way when, for example, someone left the company and their account was deactivated and half of the tools stopped working,” he says.

“There were silos between teams and it was our task to break them. You have to be a little bit of a bad guy and say’ either go with this or that tool, but if you want to go with this one, we need to retain control over it.’”

Shane Fritts, IT Senior Manager at Maxio, agrees that IT centralization can help to keep costs under control, by preventing duplicate purchases by siloed teams and leveraging commercial partnerships more effectively.

“I built a partnership with CDW to order all my hardware and now a lot of software through them. And I get it hands-down cheaper than I could anywhere else,” he explains. “I'm getting anywhere from $100-$300 off a unit through CDW if I’m buying Apple laptops, and it's not even bulk ordering.”

The benefits of decentralization

However, there’s also a strong case for handing off as much work as possible to non-IT functions, as long as it is automated as much as possible to reduce the risk of human error.

“I would now absolutely evangelize having a single identity platform, using federation wherever possible, to keep your admin footprint as low as possible,” he says. “And working with your other teams, like we’re working with our procurement team to deal with our equipment. I don't need to worry about procuring IT equipment, everything's: standardized, built, done.”

That said, even in a decentralized model, IT still needs to be a good communicator with the rest of the business.

“We run our own show. But we’re constantly communicating with other parts of the business to find out what's happening,” says Maxio’s Fritts. “I'm constantly inserting myself into conversations so I can provide my insight. That networking and communication with the other leaders really helps.”

Kaia Health’s Jaroszuk agrees, describing IT as an “invisible connector” between different functions, especially in smaller companies.

“You’re working with DevOps, you're working with compliance, you're working with the salespeople. You're working with pretty much everybody,” he says. “If IT works correctly, you don't see the IT guys. But you have to dig your fingers into every single thing there is.”

A blend of both

In truth, most IT experts AccessOwl spoke to suggested that the best approach is for IT to retain control for certain important tasks, but offload where possible for the reasons outlined above.

When he started in the role, Truelayer IT Manager Liam Williamson says he focused first on gaining admin access to various tools that were owned by different departments, and then reducing the number of admins associated with them. The IT department is now responsible for creating and deactivating accounts for most of these tools, but then hands over fine-grained access within the apps to individual teams.

“Let’s say we have a tool that is predominantly used by commercial and sales. We’ll usually have ownership of the tool. Or ideally, we have a service account, so it's not tied to an individual in case that person leaves,” he explains. “There'll be a number of people within that who are admins, but we try to lock it down so that they can't add or remove people, but they can change roles within submission sets. So we would typically open the gates, give people access to an app, and then their teams will decide what they need access to once they're within the app.”

This level of delegation is necessary to avoid overloading IT and turning it into a bottleneck that slows down the organization.

“Because there are so many apps we don't have the capacity to be experts in every single app we have,” he says. “I think as long as you set up the right guardrails within the app to make sure that people can't do things you don't want them to do, [an element of decentralization] works quite well.”

Maxio’s Fritts took a similar approach, first consolidating duplicated functionality and then decentralizing some control to separate teams.

“People were buying stuff just to solve one problem instead of trying to understand what we have and how to make it work. So I just started taking over stuff and eliminating wasteful spend,” he says. “Once you get organized then you can say ‘all right engineering you're going to take over these apps. You're going to be the purveyor of truth for it. You're going to audit it every 90 days.”

Christian Holton, System Administrator at Enthought, argues that IT must always keep control of on- and offboarding to minimize security and operational risks.

“Decentralization is fine. But there needs to be some guidance from an IT perspective,” he says. “Different department heads and staff need to be on the same page in terms of account security, and that should come centrally, from somebody who knows.”

For Felix Naepels, Head of Internal IT at Pigment, IT should not even be involved in purchasing.

“When negotiating apps where you have no idea what value they bring to a business unit, it becomes something that you shouldn't really be doing if you want to be efficient,” he says. “The biggest challenge is letting go of the ownership of those apps while maintaining a level of control that allows you to be certain that they're not being run in a way that you don't want.”

What that level of control actually is will depend on the risk appetite and capacity of each organization/IT department. But it seems clear that a mixed centralized/decentralized approach to IT management is in everyone’s best interests.