214-207-4249 | Influencing Strategic Thinking steague@resourcedomain.com
Select Page

WHAT IS SHADOW IT?

Gartner says “Shadow IT is IT activity that occurs outside of IT. Shadow IT is growing in many organizations driven by consumerized technology, mobility, the availability of cloud solutions and quite frankly relatively slow cycle times within captive IT organizations”.

Examples of Shadow IT include:

• Personal devices connected to the corporate network (mobile phones, tablets, USB drive) with the capacity to copy and transport data
• Installation of software applications such as Dropbox or other free cloud storage
• Cloud services like Amazon AWS
• Social media sites that can import an entire contact database
• Installing a free app on a smart phone that has access to corporate emails and contact databases

Shadow IT is driven by the needs of individuals and departments to use the best tools they can get their hands on – without IT Department delays. The cloud has made this significantly easier, inexpensive and ad-hoc. So the use of Shadow IT is growing.

HERE’S WHAT THE NUMBERS HAVE TO SAY

“By 2015, 35 percent of enterprise IT expenditures for most organizations will be managed outside the IT department’s budget.” (Gartner)

“Almost a third of IT managers said covert cloud spending can support business growth and innovation, and 38% said it allows them to respond faster to client demands.” (VMWare)

“48% of IT managers in Europe expressed concern that off-radar cloud spend escalates security risks.” (VMWare)

CREATE OPPORTUNITY FROM A THREAT

Shadow IT is here to stay and the consequences of ignoring its existence can be far-reaching. However, steps can be taken to help employees and business owners reach a better understanding of Shadow IT and establish the practices that work best for each organization.

Some practices & steps could include:

  • Educating everyone about the risk and exposure; especially those related to data privacy and compliance. Include information on what the consequences for the organization, employees, and customers could be.
  • Equip people with information: what they need to look for and do as part of their due diligence. Everyone needs to have good internet hygiene.
  • Review and approve acceptable Shadow technology with appropriate limitations instead of trying to ban them altogether
  • Make these changes a part of the BYOD and SaaS policy. With clear and simple guidelines to understand, remember and apply.
  • Create an environment of trust and collaboration. Setup a “helpdesk” or go-to-person for advice and recommendations for people to come to without fear of reprimand or push back.

FURTHER READING

http://www.mcafee.com/us/resources/reports/rp-six-trends-security.pdf

http://blogs.gartner.com/david_cappuccio/2013/11/27/shine-some-light-on-shadow-it/