Understanding 'Shadow IT' and its Risks – Quick Intro

Shadow IT is essentially any software or hardware that runs without IT knowing about it. These can be

  1. Productivity applications

  2. Applications for personal use or

  3. Applications we do not want to see on our network such as pornography

All these applications are not necessarily bad. A lot of these apps are quite good and may add to the employee's productivity. So, IT does not want to block all these applications necessarily; they may want to allow some of these applications in their environment potentially. To do so, they need to find answers to the following questions.

  1. How do you discover shadow IT apps?

  2. How do you set processes around them?

  3. How do you secure the data on these applications?

Why is Shadow IT a problem?

When IT is not familiar with these 'outside things,' it causes security loopholes. IT is blind to security updates on the apps in their environment, but not by their choice. The second big reason could be illegality, depending on your industry, and depending on what is going on. There are a lot of regulations around sensitive data, so especially if you're in health care or financial industry, there can be lots of different rules that you might not be aware of, but that is part of core IT. This is a good recipe for a legal disaster. The third reason is what benefits one set of employees might not help the whole company. The intent of the employee is right, and that is to create efficiency for himself/herself, but each employee doing his or her own thing creates inefficiency to the organization as a whole.

How Big is Shadow IT?

Verizon's study has shown something about 61% of all software and hardware on the company's network is considered Shadow IT. So, keep that in mind, investigate it but please remember that there is a probably good reason why your employees use what they use.

I hope this quick intro was useful. If you are an IT Team member and are looking at simplifying your SaaS environment, request here for access to Zluri and manage your Shadow IT constructively.