Shadow It

Shadow IT – Threat or Opportunity?

Shadow IT

Shadow IT – sometimes referred to as Stealth IT – describes the usage of IT systems and solutions that are built and used inside businesses and organisations without explicit approval from IT departments and/or management. Fueled by the growth of BYOD policies, Christopher Rentrop, Professor of Informatics at Konstanz University of Applied Sciences, believes it now includes “all applications that are acquired without the IT department’s involvement and whose use is not covered by IT service management”

His definition means the term includes software, cloud apps, workflows and even hardware. While Shadow IT can play an important role in the fields of innovation, research, and development, it also causes problems by frequently failing to adhere to a company’s need for control, documentation, security and reliability.

Compliance

But how much of a threat is the area? Can a company be seriously compromised by unchecked Shadow IT within its walls? We know hardware can be identified by network management tools, but monitoring social media platforms and other cloud-based applications is very difficult. For example, staff can use Facebook or Dropbox to send or publish documents unobserved and pose a compliance risk, while non-approved software and services consume bandwidth, slow networks, and ultimately add to the workload of IT departments. Indeed, half of the IT managers questioned believe that 50 percent of their budget is being eaten up by the management of shadow IT alone.

Some analysts believe that Shadow IT now threatens the very existence of IT departments. They claim that the traditional procurement process is dying, replaced instead by individual departments servicing their own IT needs away from the eyes of the IT departments. Three reasons for this are normally forthcoming; 1) IT departments are slow and cumbersome in terms of action, 2) the IT departments lacks the expertise necessary in certain apps, and 3) the IT department is too expensive and too complex. Research by Gartner suggests that at least 90 percent of all IT spend will be managed outside of the IT department by 2020, with Forrester adding that central IT departments will become largely obsolete.

Current IT Landscape

Rather than posing a problem, it can be argued that this instead represents an opportunity. The reason the traditional procurement processes are dying isn’t the fault of IT departments per se, but because lots of organisations insist on using a method that is 25 years old and out of touch with the current IT landscape. IT departments need to listen to the staff, aiming to become a powerful and forward-thinking force that helps make companies more efficient, effective and profitable.

Staff should not be accused of circumventing IT departments wilfully. Typically they have a problem that they need solving fast. When the world outside the office sees such solutions a download away, it is unrealistic to expect a different, lengthy procedure in work. Such a situation explains the soaring growth of services like Dropbox – emails cannot cope with large attachments, so employees use Dropbox and the problem is solved – with or without the blessing of the IT management.

Shadow IT Infographic: Vanson Bourne

What do you think of Shadow IT, is it a threat to organisations’ internal security, or an opportunity for them to amend and improve their practices? Let us know in the comments below.

Tomorrow we look at the security risks round apps frequently used within the Shadow IT umbrella.

By Daniel Price

Daniel Price

Daniel is a Manchester-born UK native who has abandoned cold and wet Northern Europe and currently lives on the Caribbean coast of Mexico. A former Financial Consultant, he now balances his time between writing articles for several industry-leading tech (CloudTweaks.com & MakeUseOf.com), sports, and travel sites and looking after his three dogs.
Gilad David Maayan

5 Reasons You Need DAST to Secure Your Cloud

5 Reasons You Need DAST to Secure Your Cloud What Is DAST? Dynamic Application Security [...]
Read more
Tosin Vaithilingam

Optimizing your investment: Key Considerations for Divestiture Migrations

Divestitures: What to consider during the migration process “Divestitures require careful planning and execution, but [...]
Read more
Randy

What is Data Mining in Cybersecurity and Why Does it Matter?

What is Data Mining With the amount of data created and used by businesses growing [...]
Read more
Josh Miramant

Benefits of a Data-First Culture: 3 Simple Strategies to Apply a Data-First Approach

Benefits of a Data-First Culture When it comes to analytics solutions, centralization versus decentralization is [...]
Read more
Premkumar Balasubramanian

Don’t Fret About Cloud Providers’ Growing Influence Amid AI

Focus instead on where best to run your workloads and start using cost-conscious coding  The big [...]
Read more

SPONSOR PARTNER

Explore top-tier education with exclusive savings on online courses from MIT, Oxford, and Harvard through our e-learning sponsor. Elevate your career with world-class knowledge. Start now!
© 2024 CloudTweaks. All rights reserved.