He believes that IT should always secure and ring-fence core systems that are vital to the business' operations, but it shouldn't block tech-savvy business employees trying to deliver value through the public cloud.
"There have been secret PCs under people's desks as long as there have been PCs - stuff that IT didn't know about. IT has to decide the level of control that it really needs, not the level of control that it wants," Craven told Computerworld UK.
"Lots of IT departments want to control everything, but we should be asking ourselves: what is the bare minimum of control and governance that we need to exert to make sure that nobody gets fired"
He added: "You can only control so much and ultimately there are very determined people that will find a way around you, because it's getting easier to buy stuff in the cloud. If you give everybody a little bit of freedom it's far more beneficial."
Craven's comments come off the back of a Forrester and Microsoft report that has been released this week that finds that there are an increasing number of cloud projects coming out of businesses that are not driven out of the IT function. The report describes the business people driving these innovative projects as 'change agents', who are finding value for their company independently of IT, in the cloud.