What Exactly is Shadow IT and How Do I Stop It?

You’ve reached an archived blog post that may be out of date. Please visit the blog homepage for the most current posts.

Once upon a time, IT departments had near total control over which technology their organization adopted. From hardware to software, nary a tech purchase was complete without the IT director’s blessing.

Oh how times have changed.

What is shadow IT?With more than 1,000 apps being delivered to the App Store every day, and dozens more programs and tools being peddled across the internet every day, controlling all tech within your business is nearly impossible. If your workforce isn’t using a variety of non-sanctioned software, you’re in an ever-shrinking minority.

Shadow IT, also called stealth IT or phantom IT, refers to any tech utilized within an organization without the knowledge or approval of the IT department — and today it accounts for about 40 percent of all IT spending.

But while increased usage of easy-access SaaS may seem relatively harmless, it can cause plenty of problems.

What Does Shadow IT Do?

So why is unsanctioned tech such a major concern?

Essentially, it makes it extremely difficult for your IT team to do their jobs. For example, phantom IT…

  • Creates potential vulnerabilities and entry points for cyber criminals.
  • Threatens your organization’s PCI compliance standing.
  • Reduces your helpdesk team’s efficiency by introducing products they aren’t trained to troubleshoot.
  • Makes it nearly impossible to track IT spending and manage SaaS renewals.
  • Opens your organization up to losing important files and information when an employee leaves.

How Can I Stop Shadow IT?

Other than monitoring your workforce’s every move like the IT gestapo, ending shadow IT isn’t likely. But, you can significantly curb instances of unapproved tech within your organization by the following:

  • Make the approval process easier. When you consider how inconvenient it is to request various products from the IT department, it’s no wonder employees go rogue and seek it out themselves. Instead, make the process quick and easy by including it as part of your ticketing system and keep users posted along the way.
  • Make IT approval a company policy. It’s not just impatient employees bringing random technology into your organization. Sometimes, it’s well-meaning department heads who assume so long as it falls within their budget, they don’t need IT’s sign-off. By making it a written policy, you can ensure the IT department exercises more control and gains greater visibility into tech purchases.
  • Train employees on the dangers of unsanctioned tech. You’d be surprised how much of your workforce doesn’t understand how or why downloading and using unapproved software puts the organization at risk. Take time to explain vulnerabilities and how their carelessness could open your business up to a data breach or cyber attack.

Next Steps

If you’re concerned about shadow IT within your organization, you’re not alone. With the proliferation of user-friendly and easily accessible SaaS products, this problem is a growing challenge for businesses of all sizes. And while stopping it entirely may not be totally feasible — at least not yet — taking the measures above can help you exercise greater control and put tech decisions back in the hands of those most qualified to handle them: your company’s IT staff.