Eighty percent of enterprise IT functions are being duplicated by folks outside of the IT department, according to Hank Marquis, director of ITSM (IT systems management) consulting at Enterprise Management Associates.

You probably know them. They're the ones who installed their own Wi-Fi network in the break room and distribute homemade number-crunching apps to their coworkers on e-mail. They're hacking their iPhones right now to work with your company's mail servers. In short, they're walking, talking IT governance nightmares.

But they could be your biggest assets, if you use them wisely.

The reason super users go rogue is usually frustration, says Marquis. "It's a symptom of the IT organisation being unable to meet or even understand the needs of its customers," he says. "Otherwise, it wouldn't be happening."

The solution? Put them to work.

"Most IT managers have too many requirements and not enough time or budget to get everything done and keep everyone happy," says Jeffrey Hammond, senior analyst at Forrester Research. "If your infrastructure is flexible enough, you can let super users solve their own problems, take the heat off your developers, and provide some of your business needs."

Here are five tips for getting the most out of your super users.

Tip No. 1: Leverage the knowledge -- without the noise

If you want to find out where IT operations fall short, ask your super users. Most will be more than happy to give you an earful. But figuring out who your super users are -- and which ones are worth listening to -- is trickier than it may first appear.

That's because there are in fact two kinds of super users. One is the geek who loves technology for its own sake and deep down really wants to be an IT person. He or she will do whatever it takes to get the job done without waiting for IT to sign off.

But there are also super users who may not necessarily possess a wealth of technical knowledge but eat, breathe, and sleep a particular application -- whether it's your in-house accounting tool or your hosted CRM solution. They're your primary internal customers.

The problem? The geeks tend to squawk the loudest and to focus on minutiae, says Rachel Happe, research manager for the digital business economy practice at IDC. But it's the application hounds whose voices matter most.

"You'll get an overwhelming amount of feedback from people who are being very thorough but not necessarily thinking about an application's primary- and secondary-use models," Happe says. "You end up with a preponderance of edge cases."

To counteract "the loud crowd," Happe advises organisations to examine log files to find out who uses the applications most often, and then shoulder surf -- watching super users work and asking them questions about what they're doing and why.

"You want to develop an anthropological understanding of what your customers do," Happe says. You also need to identify those who should be super users but aren't because the current version of the application is too difficult to use, she adds.

Happe acknowledges that organisations may be reluctant to dedicate limited staff time to watching their own employees, but the alternative is millions of dollars spent on developing applications nobody uses.

"If you've got an ERP system, the accounting department has to use it whether they like it or not," Happe says. But as organisations start to deploy less structured communications-style tools such as BI or CRM apps, that changes.

"If they don't like the tool, you can't force them to use it," Happe warns. "And the only way to drive business value out of application deployment is regular usage."

Tip No. 2: Let them build their own apps

When it comes to business applications and super users, the rule is, If you build it, they will come; but if you don't build it, they will probably build their own. And that can cause big headaches.

Because of this, savvy enterprises that encourage super users to build apps do so in a way that lets IT keep a close watch over security, performance, and compliance. Mashups and Web-based workflow tools are two popular solutions that allow ordinary users to mix data, processes, and services yet remain governed by IT.

"Mashups can provide a happy marriage between the desire of IT to govern and the desire of business users to innovate," says Rene Bonvanie, senior vice president at Serena Software, a mashup platform vendor. "Even if IT wanted to build these apps, they can't because they don't have the capacity. But there's an entire generation of business users quite happy to do this."

Using Serena Mashup Composer, business users drag and drop applications, processes, and content into workflow diagrams that pull data from designated applications and Web services. John Hastings-Kimball, vice president of workflow solutions at Thomson Financial, tapped Mashup Composer to create an app that bridged Thomson's ordering, entitlement, Citrix server, and contract and billing management systems, trimming the company's order fulfillment process from four days to less than 24 hours.

During the past four years, Thomson business users have built dozens of mashups for generating sales proposals, establishing business continuity plans, and performing incident management for critical outages, says Hastings-Kimball.

"It's classic shadow IT," he says. "We grew the product across the entire sales and service organisation. Now we deliver solutions to almost every part of our organisation from outside IT."

Meanwhile, Ministry Health Care and Affinity Health System in Wisconsin relies on more than 3,000 Intuit QuickBase applications created by more than 100 employees, says CIO Will Weider.

The hospital started by creating a QuickBase workflow app to manage meetings two and a half years ago, and it just grew from there, Weider says.

"We tried using Access and other Office tools, but those things really stink when it comes to sharing data between users, managing security, and adding structure to data," Weider adds. "Those are all things QuickBase is good at."

Rather than fight ad hoc app development, Weider believes in embracing and encouraging it.

"My goal is to have 100 percent of our knowledge workers be shadow IT," says Weider. "Every employee must be tech-savvy and leverage the tools provided in order for us to have any hope of achieving a return on our very expensive IT investments."

Tip No. 3: Turn them into sys admins

A smart way to handle super users is to give them more IT authority, not less.

For example, 12 years ago, Maureen Vadini was recruited to help bring Parma Community General Hospital's paper records into the digital age. A registered nurse by trade, Vadini is still holding hands and taking temperatures -- but now she's doing it for users of the hospital's Vocera Communications System, which is modeled after the badge communicators from Star Trek: The Next Generation. When hospital personnel need to find each other, they speak into their badges, and Vocera gets the message to the right person.

Now a patient care informatics analyst in the Ohio hospital's IT department, Vadini made the leap from superuser to tech professional about four years ago. But she's hardly the only nontechie fulfilling an IT role.

At PCGCampbell, a marketing and communications company in Dearborn, Mich., some super users have been dubbed "information administrators" and have been imbued with special powers not available to ordinary mortals -- such as managing access to sensitive data.

"As a marketing company, we often handle personally identifiable information that needs extraordinary protections on it," says Joe Vandervest, vice president of information systems at PCGCampbell. "These guys are sensitised to it. They're right in the trenches, so they know what's going on. We empower them to set up protected folders for the data or to come directly to us."

Some employees feel more comfortable talking with super users than with IT personnel, Vandervest adds. Likewise, the information admins can report back to IT about issues other users may be encountering. Later this year, PCGCampell plans to empower its information admins to act as content managers on the company intranet and to install software on clients' machines.

"In our organisation, people are superbusy, and they travel all over the country," Vandervest says. "They need flexibility in the field, which is what we're trying to get at by having delegated powers."

But there are caveats, Vandervest says. For example, the approach can only work if you have the necessary training and certification procedures already in place.

"I would caution against delegating authorities without compensating controls in terms of certifying their abilities and their understanding of security policies," he says. "Trust, but verify. Most people tend to delegate and empower without checks and balances. If you're allowing super users to install software, for example, you better make sure you're keeping an eye on license compliance. You want to make sure you're compliant."

Tip No. 4: Create a safe place to collaborate

Getting your super users to contribute ideas is one of the best things you do for your organisation.

Eighteen months ago, Cisco launched I-Zone, a companywide wiki for developing innovative business ideas. Since then, Cisco's 61,000-plus employees have contributed 600 ideas for potential US$1 billion-per-annum ventures, says David Hsieh, senior director of marketing for emerging technologies at Cisco.

But letting end-users build their own blogs, wikis, or other collaborative tools is just asking for trouble, says Bill Penn, chief architect at Covisint, a vendor of collaboration solutions and services.

"CEOs aren't considered hip unless they're writing their own blogs these days," says Penn. "But you don't see the same CEOs saying it's OK for employees to create their own blogs and wikis. People need to be held accountable. You need to have a compliance and security framework tied to identity management systems before you turn these folks loose."

John Baschab, president of management services at Technisource, says his tech staffing and consultancy firm created its own collaborative site to include a ScrewTurn wiki, WordPress blogs, a user forum, and a file management app, all wrapped up within Microsoft SharePoint 2007.

"You've got to give end-users tools and the sandbox to use them in, and to make it easier for them to use than it would be to do it themselves," Baschab says. By including SharePoint into the initiative, Technisource can ensure production-level performance, data backups, security, and single sign-on.

"If you don't give users these things, they'll eventually just give up on you and go elsewhere," Baschab says.

Tip No. 5: Recruit your own geek squad

Super users constantly try to introduce new technology into an organisation. Let them -- but make sure they support it themselves.

Chris Lynch, vice president of engineering at collaborative software firm Daptiv, begged, pleaded, whined, and cajoled his IT department to let him use a Mac, until they finally gave in -- but only after he offered to be his own support department.

"At first, our IT department said they didn't have anyone in IT who knew anything about Mac management and support," Lynch says. "I said, why not start with one person -- me. I will get a Mac, I will support it. Any problem I encounter, I come up with the best practice to resolve it and tell you everything I do."

You can guess what happened next. Soon, other people at Daptiv saw Lynch's Mac and wanted one, too. So he became their support department as well. The IT department saw the writing on the wall and assigned a staffer to handle the company's burgeoning Mac population, which Lynch estimates at 15 to 20 machines. (He says Daptiv offered to send him to Mac training as well, but he declined.)

EMA's Hank Marquis says deputising super users to provide shadow tech support also allows business units to get faster fixes without busting the IT budget.

"Say you have a remote office," Marquis says. "They're unhappy with IT because when the network goes down it takes four hours to get someone there to fix it. But if you take a person on site and make them a quasi-member of IT, he can call a special number to access the help desk when the net goes down. Or he can have a key to the telecom room and enough training to reboot the system. Business users get back up in minutes, not hours."

Just don't overdo it, Marquis warns. It's easy to give super users so much extra work that they don't do the jobs they were hired to do.

There are other unexpected consequences as well. Once Daptiv's Lynch got his shadow Mac operation going, he naturally needed an iPhone to go with it -- and so did 30 to 40 of his BlackBerry-wielding colleagues.

"I must be the bane of IT," Lynch jokes.

Bottom line? "You better hop on this train because it's moving," says Alex Chriss, business development lead at QuickBase. "You need to believe in your super users and empower them. They're the ones that have the business-specific knowledge. If you can empower them and give them the tech knowledge and toolset they need to solve problems, you're the one who's going to look like a hero."