In every company I've ever seen, IT is underfunded and under resourced. Networks fail. Security becomes heavy handed and unreasonable (i.e. My job's not done until you can't do yours). IT is forced to centralize and standardize everything in a world where a cookie cutter approach is doomed to failure from the beginning.
What happens? Employees, who are bonused on getting actual work done, take matters into their own hands, figure out different ways of accessing company networks when the official VPN fails, figure out ways of connecting phones and pads to the network without official sanction, start sharing logins and passwords... All just to keep working day to day.
Unfortunately, this is all easy to hide from clueless CFOs/CEOs and upper management, who really don't care anyway until there's a major data breach, at which point they can only dance around in circles and yell, "Fix it!"
The problems are fixable. Plan IT from scratch. Spend realistic amounts of money on the system. Solicit user feedback continuously to pinpoint trouble spots. Force IT management to communicate relevant issues with users and system administrators.