Shadow IT, The Latest Threat to Security

IT departments have a difficult task keeping pace and deploying all the possible applications available to every end user, while at the same time managing servers and infrastructure.  Add Shadow IT and their job can seem impossible. Shadow IT can be defined as technology or applications being used without the IT Department’s approval or knowledge.  Examples of Shadow IT include; personal devices such as smart phones, separate servers, or cloud based applications such as Dropbox or Google Docs. These applications are intriguing as anyone can be up and running, accessing and sharing information without company approval, in minutes, at little or no cost. Besides offering ease of use, Shadow IT helps employees work efficiently, remotely, and with products and services that they prefer and are familiar with.

Despite the benefits, numerous issues can arise with Shadow IT.  The first is security. Your IT department makes sure they are in compliance with government and industry standards.  The IT department cannot monitor the “Shadow IT” employees might be utilizing.  Use of unapproved applications can increase the chance of uncontrolled data flows.  There is also the capacity for identity theft, and viruses and/or malware affecting your infrastructure. Bandwidth can also be an issue as employees using various cloud-based applications can slow your Internet down.

Just as BYOD (bring your own device) is here to stay, so is Shadow IT.  IT departments should consider developing a process where end-users can suggest utilizing these productivity enhancing technologies without getting the reflexive “No” from the IT managers.  We are all trying to get more done in a workday and Shadow IT applications oftentimes add hours of worktime to our day.  Employees need to be mindful that they need to clear any application with the IT department to ensure that no security issues will arise. Shadow IT is one area where the philosophy of “it’s better to ask forgiveness, than permission” can cause permanent and lasting harm your organization.

Craig B. Hodges



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s