Shadow IT: What is it and what’s behind it?

Regina Rakipova

There is nothing concealed that will not be revealed. Shadow IT is not the case.

Shadow IT refers to IT resources (devices, software, services) used by employees without explicit permission of the organization’s IT department. Either the technology is not approved by the department or IT specialists are simply unaware that a business unit is using new software or subscribed to a cloud service.

Most organizations heavily underestimate the scale of shadow IT adoption. Usually the number of software products and services used by employees is several times bigger than CIOs are aware of or approved of. This number grows exponentially. According to the survey on shadow IT conducted by Stratecast (a division of Frost & Sullivan) and sponsored by McAfee, more than 80% of employees admit using non-approved SaaS applications to fulfill their work-related responsibilities and on the average 35% of all SaaS apps in the company are purchased and used without notifying anyone in the IT department. Interestingly enough, the survey also reveals that IT employees themselves are more prone to using non-approved SaaS applications than line of business employees. Nevertheless, shadow IT presence is not limited to the IT sector only.

Shadow IT is pervasive and can plague an organization of every size, from small business to enterprises and global corporations. It is in every industry: Financial Services, Healthcare, Energy, Oil & Gas, Chemical, Manufacturing, Education, Public Sector, Governments large and small. Employees in any type of organization can be using IT assets that are outside of the ownership or control of the company’s IT department:

  • Portable data storage devices
  • Desktop productivity tools (word processing, spreadsheets)
  • Social media applications (Facebook, Twitter, Linkedin, Snapchat)
  • Filesharing, storage and backup applications (Dropbox, Apple iCloud, Google Drive)
  • Online e-mail services (Gmail, Yahoo Mail)
  • Online analytics tools (Google Analytics, Yahoo Web Analytics)
  • Messaging software (WhatsApp, Facebook Messenger, WeChat)
  • Web conferencing platforms (Skype, GoToWebinar, WebEx), etc.

There are several reasons why shadow IT emerges within an organization.

The first reason is business agility. In today’s dynamic business environment where organizations seeks to be agile and applications develop quickly to meet constantly evolving business needs, shadow IT grows out of pure necessity when employees are looking for ways to solve specific work-related tasks. Often the latest software is immediately considered valuable by a particular business unit. Instead, traditional IT departments appear rigid and reluctant to embrace timely innovation. Obtaining software through corporate channels can take too long and require a lot of paperwork as IT departments usually spend quite some time evaluating prospective software and implementing it due to outdated corporate policies and processes. Traditionally structured IT departments fail to be ahead of the game and keep up with the latest technological trends, so for business units it is natural to bypass internal IT resources to try new technologies that are required for business needs.

The second reason is the cloud phenomenon. A high proportion of shadow IT applications are cloud-based and do not require internal IT involvement for deployment and implementation. The cloud-based model of IT, and particularly the SaaS delivery model, enables business units acquire new systems more easily and use their own budget to purchase dedicated applications and subscribe to services.

Another reason is consumerization of IT. The way businesses access and use IT has changed. Blending of personal and business use of devices and applications has become commonplace, especially among younger and more mobile workforce. Employees expect to be able to use for work personal mobile devices and SaaS which they use at home. This Bring Your Own Device (BYOD) trend encourages employees to use their personal devices (smartphones, tablets, PCs) to process corporate data. Personal devices are used to access the company’s email, internal services, address books, calendars, etc. This ‘work anywhere’ concept positively impacts employee productivity, creates more flexible workplace, and is generally supported by top management.

The shadow IT phenomenon has hit organizations in recent years. It creates new ways employees approach IT issues and enables business units to experiment with applications which are developed and downloaded at a rapid pace. Shadow IT comes with a whole set of challenges and opportunities, which we’ll discuss in our next post.

How to save IT budget on SaaS subscriptions and software compliance