Not long ago the "app" was a shorthand that only IT professionals used. They talked about enterprise apps, personal productivity apps, or line of business apps. Now primary school kids know what apps are and the government seems anxious to get them writing their own… For the rest of the population, apps are everywhere.

This shift puts IT professionals at the sharp end of a double-edged sword. What you have gained in the generalised acceptance of technology, you could lose in information governance, and hence business security.

If you bolt down security policy too tightly, you could risk alienating users who are likely to be the ones providing the innovation your company needs and even if they don’t do that, they are the ones who are most open to new systems you introduce. They are the ones who could help other users benefit from systems and applications you have invested in. They need encouragement.

But get it wrong, have too little governance and could see your data become mismanaged, incoherent or stolen and worse.

One approach to managing this dichotomy is put forward by analyst group Forrester. Research director Alex Cullen says business technology organisations should consider the use of "guiderails", rather than draconian policies for permitting technology use. With guiderails "IT maintains strict rules for the technologies that matter at the core of their business and remains flexible for all other technology, giving business execs that need it greater autonomy".

The advent of cloud computing adds a certain urgency to finding an approach right for your business. This model can allows business managers frustrated with the lack of progress on their application development to plug into an off-the-shelf, cloud-hosted app with minimum of fuss.

The answer, Cullen says, is not prohibition. IT can allow business units to make buy cloud services, and end-user hardware for that matter, providing the benefits justify the investment and the risks are managed. "Business value, more than hard and fast IT rules, will be the predominant factor in decisions."

Guiderails may differ according to the area of the business, or seniority of the employee. They will need to be developed in close alignment with an information governance policy. But used wisely they might be an appropriately safe way to allow business execs to innovate without casting the IT department as the technology police. Don’t you wish there was an app for that?