Shadow IT has a bad rap. It sounds ominous and a little unsavory, like someone waiting in a dark alley to roll you for your brand new Nike’s (or that extremely sensitive data your business relies on). But is it all that bad?
Shadow IT – which refers to any hardware, software, and apps being deployed in an organization that are not sanctioned or controlled by the IT department – actually arose from employees wanting to work better. Back in the day (meaning like 2011 or 2012—eons ago in cloud computing time) employees who were anxious to get their paws on the latest software or service found ways to get it without going through the IT department. Picture this: “Pssst. Hey Brenda, I hear you’ve got the Outlook 15.0 hookup. Don’t bogart that man, come on. My emails really need a pick me up. No, I can’t wait for Daryl in IT, you know he’ll never hook me up. Here, take my chocolate chip muffin and hand it over.”
But as the availability and awesomeness of SaaS apps and cloud service exploded, and with the advent of BYOx in many workplaces, Shadow IT grew. And grew. And grew. In fact, it may have gotten away from us. Cloud apps went from being a fun add-on to business functionality – “Hang on, I’ll just Dropbox you those files instead” – to being in many cases the preferred way to work for many employees. And with so many apps to choose from, they can get a little carried away. According to another cloud security vendor in our space, enterprises are now using over 900 cloud apps on average—about half of which are not controlled by IT. (We can’t even name 900 cloud apps, can you?) Yikes. That’s a lot of unsecured data floating around.
Despite your employees’ good intentions, you need to get that data back under your control. But how? You don’t want to shut it down entirely. If you do that, you could kill valuable productivity tools, not to mention employee morale and innovation—which you want to encourage. (Innovation = good, right?) The best approach is to understand and embrace Shadow IT, and put measures in place that return full visibility and control to you. Cloud Access Monitor is a great place to start shedding some light on the Shadow IT in your organization. Control, don’t condemn. (Makers gonna make, innovators gonna innovate.)
