IT departments have traditionally had complete control of all the technology used at their companies. To protect the company from security threats, IT departments would dictate what was permissible on company systems and how it could be used. Users who didn’t like what was available to them had no other choice.

But in a replay of what happened a generation ago when the first PCs infiltrated the workplace under the guise of VisiCalc, an early spreadsheet, the rapid adoption of cloud computing, smartphones and the emergence of large and easily accessible app markets are forcing technology and security changes in the name of productivity. IT departments can hardly say no.

The more forward-thinking IT teams are getting ahead of the wave. They do so by selectively making their own application program interfaces (APIs) and internal data models available to users who want to create their own apps and social media pages for specific projects. IT can still control what data get exposed, imposing a measure of security and systems discipline, and users have the freedom to develop the tools that they most want to employ.

The Federal Communications Commission (FCC) released a set of APIs as part of its My.FCC initiative. The new tool lets users customize how they view the FCC’s website. As a result, the FCC retains control over the website’s content while making its data accessible between departments and agencies, as well as to the public.

Such user empowerment creates an opportunity for IT and the business units to engage in a discussion as equals about the productivity-security tradeoffs arising from the cloud, the web, and the proliferation of new devices. The business units can participate in hammering out the details of policies rather than merely accommodating rules imposed by IT. This also ensures more willing compliance across the company – a security gain.