What you don’t know about shadow IT…

Shadow generally refers to something dark, mysterious and possibly pursuing something in secret. When you join IT with a shadow of that sort, you end up with Shadow IT. It is basically any hardware or software used in an enterprise that is not supported by the organization’s IT department. Even if the term may look neutral, it often bears a negative connotation because it’s done without the approval and knowledge of the IT department.

In the past, shadow IT was used to satisfy an employee’s desire for immediate access to hardware, software or web services without following the conventional procedure to obtain the technology through corporate channels. Lately, with the consumerization of IT and cloud computing, shadow IT includes personal technology that employees use at work or niche technology used in the business divisions.

sh2

Currently, who do you think are using shadow IT to the fullest? You’ll find the answer to this in by the end of the article and you sure will be surprised. Before that, I unravel to you a few truths about shadow IT. These are compiled from a recently released study, sponsored by MacAfee Software) from Stratecast and Frost & Sullivan, based on input from 300 employees in organizations in the United States, United Kingdom, Australia and New Zealand. This report written by Lynda Stadtmueller, program director of cloud computing for Stratecast/Frost & Sullivan, point out six findings about the true nature of shadow IT:

1) Everybody does it. More than 80 per cent of the survey respondents seems to have used non-approved SaaS (Software as a service) applications to run their work-life. The companies themselves use over 20 SaaS applications and about a half of them are non-approved. They don’t seem to look like shadows anymore because they are pretty open.

2) Lack of clear consensus and poor communication plague SaaS policies. Almost all enterprises, irrespective of their hugeness and reputation they harbor, tend to have a hodge-podge of policies when it comes to SaaS usage.

3) Employees just want to do their jobs.  There’s nothing wrong or rebellious about shadow IT. People use it simply because they know it and are comfortable with it. In the end of the day, it helps get their jobs done.

4) Non-approved SaaS usage extends across all application types. Not only are there such desktop productivity SaaS tools, there is a humongous amount of online analytics tools, web conferencing platforms, and even HR applications which the employees tend to use.

5) Employees recognize risks, but feel they are justified. About 15% of employees are personally aware of incidents in which data was compromised due to the usage of such tools. Yet, this sense of risk is not deterring shadow IT.

sh1

6) We have met the enemy, and he is us. Coming to the answer of the question I asked previously. The study finds that the biggest users of shadow IT services are … the IT employees! How ironical! Stadtmueller speculates that IT users feel they can manage the risk in a better way. Her explanation and justification towards it is: “Like parents who down a latte and doughnut while admonishing their children to eat a healthy breakfast, it may be a case of ‘do as I say, not as I do!'”

Image courtesy: www.emea.symantec.com