Cory's Blog

June 13
Team Shadow IT

One of the more interesting components of Silicon Valley is the idea that services of all sorts can be offered to small and medium businesses over the Internet to prevent them from needing to run their own services in their offices.

In a lot of ways, this is great, because it promotes security and it allows teams that otherwise couldn't build services to have them. These services also have a pretty great revenue capture strategy. Allowing a limited number of users, capabilities, or capacity allows companies to get services at a low cost, and then grow into bigger versions of the product. Using this strategy, teams and companies can mix and match services that meet their needs.

For larger organizations where there is an IT department, I think that there's a lot of potential danger and damage this type of situation can create. IT departments aren't blameless in this trend; many of them have almost directly caused it. The rise of shadow IT has been talked about a little more often recently, in a few different contexts.

One of the contexts I've seen a few examples of lately is the prevalence of software like Dropbox and Slack in workplaces that already have file servers, and possibly even chat or communications servers. Sometimes it meets a legitimate need, such as when there are file and SharePoint servers on the site, but using those tools prevents collaboration or sharing with people who are outside of the organization.

Another reason I think people have started to use services like OneDrive, Dropbox, and Google Drive is that they make it easier for them to understand where their files are. Whenever you put something in the sync folder on one of your computers, it appears in the others. Although it's unrelated to that direct thought, using that type of file syncing does introduce some complexities. Nevertheless, access to a service like Dropbox or Slack is often perceived as more reliable and simpler than services provided by IT departments.

Part of this of course is that IT services aren't often designed to be easy. They're designed to provide security and regulatory compliance for the organization being served. For example, in education, services might host data about students and about their academic status and performance, which is covered by FERPA regulations in the United States.

In education, and probably in private industry, it's reasonably common for employees and contractors to use their own personal devices for work purposes. There are a few problems that can arise from this. For example, if someone has information stored on a personally owned laptop that either gets compromised or stolen, that information is probably going to be compromised. Additionally, individual employees outside of, say, a registrar's office or an information security team aren't necessarily going to know about data breach reporting requirements. This is all exacerbated by the fact that most regents' boards and departments of education consider it an inappropriate use of public funds to configure, secure, and repair or remediate personally owned devices for faculty and staff. And so, if I teach a class and my students' names, majors, ID numbers, and grades are on my laptop, and I leave it in the airport, that's going to be an unreported data breach.

The other situation I've seen is that many departments de-prioritize spending on computer hardware and software. Sometimes this leads to people asking for support on an unsupportable device because their department has set the expectation that it'll be provided, and sometimes it creates the expectation that employees will buy, maintain, and repair their own computers, even though their position may not pay enough to do that.

The other unfortunate thing about people using all of these tools is that it's often simply because they don't know what is available and what the organization provides. Discussing what the department provides and the benefits of those services is often low on an IT department's priority list, both while specifically communicating with customers, and in general.

There's a cultural shift involved in either creating an environment where people know to ask for tools that meet their needs, or where the IT department creates a service catalog and documentation in a specific way, and members of the organization know to check that documentation.

This part of it may clearly be very self-serving, but a really interesting question about services like this is how they do and should impact an IT department's budget and the services it has already set up and runs. Should a Dropbox server replace a file server? If it does, what should the hardware and staff that were being used to support that file server do? Is it reasonable to downsize in this way, and what are the other potential impacts of doing so? In my case, the network connections on campus are still important and are more complicated than the average home network, so there is still a need for information systems staff. Even if you can get rid of the file server itself, the cost of enough licensing or capacity in a cloud storage service is significant (and on-going), and you still need somebody to help set up permissions and directory structures on it, connect it to users' computers, and manage it when it goes wrong. I think it ends up being a wash, and performance might be impacted significantly, when you consider that you're going to move thousands of people's files off-premise and they'll all need to go through a single Internet pipe to get to them.

Having that tool available for its strengths is worthwhile, but I think it's misguided to try replacing things wholesale just because they are easier for some people to use, even (sometimes especially) if those people are important.
