With the world-of-work changing at a seemingly lightning pace, users are adopting a range of different technologies to streamline their workflow and aid them in their processes. With this shift in mind, what is Shadow IT and what does it mean for organisations?
What is Shadow IT?
In simple terms, Shadow IT is the use of devices, applications, services and IT systems without explicit approval from a company’s IT department.
It is something that has grown rapidly in recent years due to the increasing adoption of cloud-based services and applications.
Popular examples of Shadow IT apps include Slack and Dropbox, whilst good examples of hardware Shadow IT include personal smartphones or tablets.
What Benefits Can Shadow IT bring?
There is no doubt that this kind of IT approach can deliver a range of benefits to organisations. It can enable staff to work more efficiently, in a way that works for them, which drives innovation. For example, if a member of staff were to find a photo editing app that is easier to use than the one officially allowed under company IT policy, they could not take advantage of it without Shadow IT.
With this approach, they are freed from their company’s IT security policy and can use the new app instantly to get better results. This kind of IT approach can also avoid bottlenecks in organisations which can often happen when gaining IT approval for apps or platforms. Not having to wait for approval means staff can use their own IT solutions to be more productive and get projects completed on time.
What Are The Security Risks?
Although the benefits of this approach are worth considering, you must also factor in its inherent security risks. The bottom line is that if an organisation’s IT department is not aware of a device, app or platform, they can’t ensure it is safe to use.
This then puts the emphasis on individual staff members to manage unofficial devices/apps and take preventative measures against cyber threats. If you have users who are not overly IT literate, or are less conscientious as others, this could pose a real danger.
The nature of some Shadow IT apps or platforms could also be a risk. Sensitive company data which might be leaked from file-sharing apps, for example, could have serious financial, and reputational, repercussions due to GDPR.
Shadow IT Is A Useful Tool For Organisations
As the above shows, there is a lot to like about Shadow IT, but also some security risks to factor in. Many companies find that occupying the middle ground on this subject is best. This allows their staff to find quick solutions which work for them, whilst meaning their IT department keeps some level of control.
To assist in this, discover more about solutions such as mobile device management and MFA in our cyber security services:
More About Security