Shadow IT To Remain A Focus For Both Vendors And CIOs

Shadow IT Trends

Shadow IT, a phenomenon defined as building internal IT systems without the official organizational approval has been a growing concern for CIOs over the last few years. In 2015, it climbed to the top of the list of the emerging IT threats, with as much as 83% CIOs reporting they have experienced some form of unauthorized delivery of cloud services.

This trend has a lot to do with the increased use of mobile devices at workplace and unregulated data transfer through employees’ personal cloud applications, which makes organizations unable to control the flow of corporate data. Unsurprisingly, managing shadow IT implementations becomes a focus for both organizations and cloud vendors.

Shadow IT Trends

Among the major releases we’ve seen in 2015, IBM’s Cloud Security Enforcer gained significant attention by enterprise analysts and security experts as a solution that could greatly increase the safety of business apps. To enable organizations to effectively fight shadow IT, the platform provides the necessary features to monitor and analyze the use of cloud applications at Workplace, and use this knowledge to minimize security threats. Apart from IBM, multiple other vendors compete in the market, aiming to redefine the ways enterprise works in the cloud.

New solutions for fighting shadow IT

Employees are more frequently turning to cloud applications to transfer corporate data and accesses company network remotely. This represents a major change for the IT infrastructure in modern businesses and makes the modern workplace more flexible. As a result, companies in the US and most other parts of the world increasingly hire remote workforce and introduce BYOD policies, all of which require new security systems to maintain maximum level of protection.

To anticipate the demand for secure mobile workforce solutions, multiple cloud vendors have recently released platforms for managing data access and transfer. Apart from Cloud Security Enforcer, back in April, 2015 we also welcomed the launch of CipherCloud’s Cloud Discovery Enterprise Edition that aims to help large organizations enforce their security policies.

In a survey associated with the release, CipherCloud found that 86% of cloud applications used at workplace are unsanctioned, which is a figure that complements the one mentioned in the introduction. Obviously, the security vendors have a lucrative market to serve with their shadow IT solutions. However, even with the advanced security systems, organizations themselves still carry a great deal of responsibility over the ways this issue will be managed.

Addressing the issue directly

Given its scope, shadow IT can be highly difficult to control, due to the diversity of platforms and services potentially involved in creating a whole new infrastructure. The greatest problem, of course, is the fact that employees use the same services for both personal and business files. Yet, some analysts suggested that shadow IT should be embraced as a natural stage of the IT evolution. Furthermore, Gartner analysts had a similar view at the Gartner Symposium/ITExpo 2015. Namely, the general recommendation is to fight the problem by facing it directly, i.e. determining the true scope of shadow IT in the organization first. Speaking at the event, Gartner analyst Hank Marquis said:

Shadow IT for the right reasons, in the right areas, can create value,” adding that organizations have an untapped pool of resources that could be used. “The dark side is you’ll be responsible for the bad decisions all those shadow IT people make.”

Marquis’ comments imply that the problem is tamable, although not that easily. Organizations first need to find out the ways to identify the number and type of apps used at workplace, as well as educate their employees on the best practices for using them. Currently, some popular apps such as Dropbox and Facebook are most frequently banned at workplace, but the organizations can always suggest more secure alternatives. In the file sharing space, these could be client-side encrypted services such as pCloud and SpiderOak, which provide a higher level of privacy for both personal and corporate documents. This way, the organizations can minimize the long-term risks associated with unregulated and reckless use of communication, file-sharing and storage applications.

After all, employees are still seen as the weakest link in corporate security. Therefore, they need to be educated on the best practices for keeping their accounts safe and on the great risk associated with file sharing. Finally, the organizations need to find the proper balance between adopting new solutions and ensuring the employees always have the necessary resources at their disposal. Only this way, organizations can take advantage of shadow IT, instead of trying to eliminate it completely.

Conclusions

The changing landscape of corporate communications is increasingly associated with the mass adoption of mobile devices that introduce a new level of business flexibility. At the same time, however, the mobile revolution increased organizations’ exposure to cyber risks through Shadow IT and this is precisely the problem today’s leading cloud vendors aim to solve. The latest solutions developed for the purpose promise another era in mobile-enabled businesses, thus representing an interesting new IT focus.

By Sarah Green

Ronald van Loon

The Data & Analytics Landscape is Shifting: How to Embrace the New Phase

The Data & Analytics Landscape is Shifting Enterprises are now starting to adopt a more data-intensive approach to business, one that is supported by a number of emerging technologies. The modern enterprise is increasingly facing ...
Business Virtual

Open Virtual Exchange (OVX) – Helping DSPs Fast Track the Monetization of SDWAN

Open Virtual Exchange (OVX) Bring agility and speed to market with intelligent network automation Digital Service Providers (DSPs) do have high expectations from virtual network services such as Software-Defined WAN (SD-WAN), as it promises to ...
Business Voip

Cloud Governance Best Practices & How “Legacy Governance” Hurts

Cloud Governance Best Practices The cloud can provide your organization with substantial benefits -- if you adopt an effective cloud governance model. Businesses established before the cloud era (or those that took their IT governance ...
Anita Raj

Coronavirus: Can technology help fight the pandemic?

Coronavirus and Telemedicine Technology COVID-19 has brought the world to a near standstill. From NBA to Met Ball and Coachella, all major events and festivals are canceled. Disneyland is shut and movies are postponed. Flights ...
Hacker Cloud

Pandemic and Cybersecurity: Top Threats to Businesses

Pandemic and Cybersecurity The worldwide spread of the COVID-19 virus is coming to naught (or at least we hope so). But the impact that this virus produced on the whole world, and specifically on businesses, ...
Sebastian Grady

ERP Software License versus Cloud ERP SaaS Subscription ─ Pros and Cons 

Software License versus SaaS Subscription Your software is an asset. Software vendors such as Oracle and SAP are pressing customers to replace existing enterprise applications in order to move to the vendor’s new platform. Yet, ...