The rise of SaaS has led to the democratization of IT—letting just about any employee with a corporate card purchase software. Its impact is felt everywhere from cloud storage and collaboration to marketing automation and analytics.
If you ask IT, they’ll refer to this practice as Shadow IT and reel off the security risks associated with “rogue” software. We don’t disagree that these risks are genuine. However, there is a growing school of thought that says that Shadow IT is not necessarily a bad thing. After all, it shows that employees are hungry for tools that help them function more effectively and keep pace with the speed of business.
Both viewpoints have their merits. And like many things, it’s not black and white. To that end, how can you mitigate shadow IT risks while still taking advantage of the insights it provides you with on your employees and their needs.
What Is Shadow IT?
Shadow IT refers to software applications used within organizations without explicit organizational approval.
Research from the Everest Group found that a whopping 50% of technology spend lurks in the Shadow. This figure means that the average IT department is entirely in the dark about half of the technology in use.
Framed another way: Corporate IT security professionals estimate they have 30 to 40 apps in the cloud when the reality is a staggering 928 apps. Shadow IT leads to a host of issues, including:
- Poor data security
- Cost overruns and misallocated budget
- Falling afoul of regulatory and customer audit compliance
How Shadow IT Can Be a Positive
You might be wondering how it’s possible Shadow IT can be beneficial to your organization given the risks we’ve just outlined. The reality is that Shadow IT can also open your business up to incredible opportunities for innovation.
97% of IT teams surveyed by Entrust Datacard said their employees were more productive when allowed to use their preferred tools, and 80% said their companies should deploy more tools suggested by employees.
These benefits shouldn’t come as too much of a surprise. After all:
- Shadow IT solutions often fill a gap between what’s available to the employee and what they need.
- Employees are generally happier and more productive when they’re able to use the tools they know and like. (Some companies even list it in their job postings as a benefit — further proving how critical the right tools are to attracting and retaining talent.)
So, how can you square this circle?
Balancing the Risk and Reward of Shadow IT
A shadow IT policy that allows employees to experiment with new tools while mitigating Shadow IT risks is a competitive advantage. It’s also achievable.
First things first, IT must not be in the dark about which apps are being used and, most importantly, what data goes to the cloud.
Most companies are aware that there’s a shadow application or two making their way past the IT infrastructure. The problem is that they underestimate that number by a factor of 15 to 22, according to Cisco’s Shadow IT report.
The quickest way to gain visibility? Use a SaaS management platform like Augmentt. You automate by using our advanced log file analysis framework. We allow you to quickly identify every SaaS application used on your network across the entire employee base.
From there, we recommend declaring a Shadow IT amnesty. This amnesty invites people to start a dialogue, encouraging employees to talk about why they need a particular shadow IT solution and why existing software is not up to the task.
With this approach, over time, the role of IT shifts from finding and vetting solutions to orchestrating the solutions employees want. Eventually, people will turn to them for help making their tools even better.
Organizations that harness Shadow IT and turn its risks into rewards will ultimately thrive. Smart companies implement solutions and protocols that allow employees to own their work experience without the friction of rigid technology approval processes or added security vulnerabilities.