Did you know 83% of CIOs say their business has experienced some level of unauthorised cloud service use?
Shadow IT is everywhere now. Just look at Hilary Clinton’s recent and highly controversial use of private email as a very public example.
But rather than simply trying to stamp out this practice altogether I would urge IT leaders to analyse why employees are choosing to adopt their own cloud services.
What makes those services better than the officially sanctioned ones? And if they’re helping people innovate better and be more productive, is there a business case to adopt them?
You can learn a huge amount by assessing and analysing the use of shadow IT in your organisation.
Why do employees turn to shadow IT?
Your workers don’t adopt unofficial services simply to make your life difficult.
The most likely reason they’re turning to shadow IT is the authorised services don’t properly support their needs.
Or perhaps they’ve found a more efficient way to carry out certain tasks by using a different service to the one provided by the organisation.
Whatever the reason, it’s usually because the ‘shadow’ tools they’ve found make their working lives easier in some way.
‘Good’ vs. ‘bad’ shadow IT
The words ‘shadow IT’ shouldn’t set off alarm bells automatically.
Yes there are risks involved if not managed correctly – lack of control and reduced security being the most obvious ones, particularly in highly regulated industries.
But it isn’t all doom and gloom. Letting people improvise on the fly and use whatever apps and services they need can help them communicate better and be more creative.
You are effectively giving them the trust and autonomy to go out and find the best tools for whatever job it is they need to do.
I’ve even heard of companies offering prizes for the best use of shadow IT!
You might not wish to go quite that far, but it’s important to recognise the benefits vs. the risks of shadow IT and where the former might outweigh the latter.
Getting the balance right
The action you take around shadow IT will largely depend on your company’s unique needs and culture, and your desire for innovation vs. your appetite for risk.
But one thing’s for certain: eliminating it altogether is all but impossible. And in any case I’d advise against trying to resist the rising tide.
So how do you ensure you reap the benefits of shadow IT while still keeping tabs on the risks?
The answer lies in finding a way to standardise the use of shadow IT as much as possible. But to achieve that you first need a clear picture of how it’s being used across the organisation.
This could be individual smartphones and tablets, or it could be departmental use of cloud-based resources like Slack or Google apps or one of the many lesser-known services out there.
The best way to achieve that view is through real-time monitoring of web traffic throughout the business. This data will also help you spot any particular problem areas, identifying any potential data loss, security risks or compliance failures.
Once you have a company-wide view of who’s using what, and where, you can start having conversations with employees about why they’re using those particular tools.
Then you can make an informed business decision on which types of shadow IT you want to embrace under what circumstances.
Check out Fujitsu’s brand new whitepaper if you want to learn more about spotting and managing shadow IT in your organisation.