• Register

Pacific NorthWest Managed IT Services Blog

What You Don't Know Can Hurt You - The Issue with Shadow IT

Top 5 risks of shadow IT

Shadow IT refers to the practice of using software and other systems outside of, and without the knowledge of the IT department. When it comes to small businesses you could replace that without the knowledge of the owner or manager.

As the use of SaaS software grows exponentially, so has Shadow IT. Employees now have the ability to bypass IT with software that's available for a low monthly fee–or for free– with the click of a button.

The driving force behind Shadow IT differs from organization to organization. Sometimes employees believe it improves efficiency. They believe they need these tools to do their jobs.

Other times not involving IT is seen as a way to drive down costs. Sometimes people simply grow impatient waiting on their organization to make a decision.

Whatever the reason for its existence, Shadow IT brings with it five main risks. We cover each one in detail here. 

 #1 Data Security and Loss

With the consumerization of IT, even a smaller organization may have hundreds of these applications in use.The lack of visibility into where organizational data lies represents a security gap. Although some applications are harmless, others include functionality such as file sharing and storage, or collaboration, which can present big risks to an organization–especially if these applications contain sensitive data.

Many organizations do not know where their data is stored and here are just a few stats to show how quickly this problem is growing:

39% of corporate data uploaded to the cloud is through file sharing applications

The average organization shares documents with 826 external domains

Each employee uses on average 4 file sharing applications

If IT is not aware of these applications then they cannot recover any data lost since no backups are in place. Additionally IT certainly cannot ensure that these applications have the proper security settings in place to prevent bad actors from gaining access.

 2 Compliance

Requirements for IT compliance are becoming increasingly stringent.

No matter the organization, regulatory compliance is likely critical. There are numerous standards that businesses need to comply with–from GDPR to industry-specific regulations like HIPAA–and the use of shadow IT can potentially lead to fines for violating these compliance requirements.

Due to the inherent lack of control and transparency, unregulated public clouds make it impossible for companies to prove compliance with these regulatory requirements 

 3 Finances

In addition to revenue losses, for example, due to data loss or disrupted business processes, severe financial penalties may be imposed on the company or members of management.

There are also other issues such as duplicate apps. There might be different email, file sharing, sales and marketing automation, project collaboration, messaging, and other cloud capabilities in use.

It's easiest to illustrate the cost of this with an example. Let's say your organization has 200 employees with one department of 100 employees who prefer Slack over Rocketchat and another department of 100 employees who choose to use the duplicate Rocketchat app.

Your organization is paying $12,000 for 100 employees who use Slack and $24,000 per year for those who use Rocketchat. That's $36,000 per year for 100 people to use their preferred internal communications tool. There may even be a chance to migrate all of these tools to a free solution such as Microsoft Teams if you're already leveraging the Microsoft 365 suite.

 4 Inefficiencies and Productivity Losses

Shadow IT by nature is done without the knowledge of many people. Very quickly you can have many groups within the company with a similar problem who have selected a different tool or the same tool but have setup different accounts.

Since each team is administrating their own software often there are no standards or best practices and employees leveraging that software received very little training. Compare this to companies who standardize on a single solution. There because a centralize admin who you can ask for help and generally most employees can support each other since they are on the same system.

While organizations should aim for clear ownership and company wide best practices you sometimes just need to get the job done. However we should do it with eyes wide open meaning there should be a good reason for an employee to be a software administrator and the business should know who owns that software in the case of a billing, support or something else comes up.

 5 Poor Decision Making

Businesses can't clearly manage what they don't know or can't measure.

Shadow IT plays a role in this confusion, especially around compliance. But, this lack of visibility surrounding data and how people make decisions manifests itself in lots of other areas that present a challenge to the business.

Many businesses need to plan budgets or make technology decisions for the months and years to come but without visibility into what you have today it becomes a challenge to plan for tomorrow.

What can you do to leverage technology smarter?

Managing Shadow IT is all about making intentional business decisions on the technology you use. In order to do that you'll need the facts. The place to start is to gain visibility into what software your organization is actually using.

Many businesses attempt to do this with spreadsheets and manual tracking however it quickly becomes too much overhead for someone's job and the sheets get out of date quickly and the organization keeps moving forward and the lack of visibility continues.

This is where Pacific NorthWest Managed IT comes in. We're here to help you find out what software you are using today and to keep monitoring it tomorrow so you can reduce your risk and make more informed business decisions 

...

IT Services Overview | Coeur d'Alene, ID | Pacific NorthWest Managed IT

An overview of our different IT Services. Click for more information on what we offer.
Everything You Need to Know About Windows 8.1 End ...
What You Need to Know About the Internet of Things
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Saturday, September 18, 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://pnwmits.com/

Latest News & Events

Pacific NorthWest Managed IT Services is deeply invested in Business Performance. We are NOT just an IT managed services company, we are Business and IT solutions. Connecting Business to IT means helping your Business Perform by overcoming ...

Contact Us

Learn more about what Pacific NorthWest Managed IT Services can do for your business.

Call Us Today
Call us today
1-208-449-1133

6848 N Government Way
Suite 114-47

Coeur d'Alene, Idaho 83815-7799