Skip to main content

The 5 stages of shadow IT: How to cope with rogue technology

It’s easy to think of shadow IT as an enemy to the traditional IT way of life. The name itself can conjure up images of employees lurking in the darkness on personal devices and rogue cloud-based services, quietly undermining the security and control of IT.

While sometimes these unsanctioned IT solutions can be at odds with what’s best for the company, the truth is usually much less sinister. More often than not, shadow IT is just the result of employees trying to find the best way to do their jobs.

Your IT department has two choices: fight to stamp out all unauthorised software, tools, and technology or work to bring shadow IT into the fold and strengthen your company’s IT offerings.

With some clever compromises, you can let employees boost their productivity and maintain control over company security. But getting shadow IT in check can be challenging. Here are the five stages you might have to go through to cope with shadow IT:

Stage 1: Denial

Most IT professionals understand shadow IT as a concept, but few realise just how prevalent it actually is. A recent study found that, on average, IT managers underestimate the pervasiveness of shadow IT in their companies by a factor of 10.

Before you can deal with shadow IT, you need to examine what employees are using and how far it has spread.

Stage 2: Anger

When faced with shadow IT, your natural reaction might be to try to squash it completely. It’s understandable. If a server or cloud application isn’t under IT’s control, it could pose a serious security risk to your organisation.

But eliminating an employee solution without providing an acceptable alternative doesn’t help anyone. It’s like taking the ball and leaving when the game’s not going your way. However, your goal is to enable, not hinder, employees’ productivity, so it’s essential to progress quickly to the next stage.

Stage 3: Bargaining

In a way, the next step is the first real move toward acceptance, but it can often have its own stumbling blocks.

Because a business needs file sync and share services to keep up with changing market demands and competitive pressures, you need to identify a solution that meets your security and compliance criteria.

Instead of choosing an EFSS solution that works with the current user’s applications and devices, you might attempt to bargain, encouraging users to leave the consumer FSS solutions they’ve been using and adopt the IT-sanctioned EFSS instead.

Consolidating all shadow IT apps into a single secure platform makes perfect sense, but it can sometimes upset users who aren’t willing to compromise their productivity for a new application. You must realise that the choice doesn’t have to be one or the other.

Stage 4: Depression

OK, so I’ve never actually met anyone who’s become truly depressed over shadow IT in his network, but I have met IT professionals who’ve spent many sleepless nights worrying about data leakage and falling out of compliance.

Losing control can be frustrating and worrisome, especially when transitioning to a more open EFSS, but you can come out on the other side with a better IT solution and happier employees.

Stage 5: Acceptance

As long as they have the right EFSS implemented, neither the company nor employees have to lose anything.

If the EFSS is intuitive and easy to use across every device and application, users shouldn’t have any problem adopting it. This will reduce shadow IT and help your department maximise its investment in storage and applications.

You should choose an open EFSS that can interface with Google Apps, Microsoft Office, Salesforce, Outlook, and other user-preferred environments. This helps keep the company secure while allowing most employees to continue using their preferred applications.

If you can find a secure solution that meets employee criteria, brand it, promote it, and make it super easy to use. Enable smart reporting to collect, analyse, classify, and visualise data to detect trends early and even predict them so you can become proactive instead of reactive.

Remember: Technology doesn’t stand still. You need to be continually adapting to new employee demands and security needs to prevent shadow IT from popping up again.

True acceptance can be a hard stage to reach, but the results make it worthwhile. Giving employees the freedom to use the tools they need can be a huge benefit to productivity. In fact, a survey by PricewaterhouseCoopers found that for 100 top-performing companies, IT was in control of less than half of the business’s tech expenditures.

The key to defeating shadow IT isn’t to try to force a single solution on employees; it’s to figure out what employees want to use and building security around those tools.

By showing a willingness to adapt and choosing IT solutions that make employees needs a top priority, you can create an environment where shadow IT becomes unnecessary.

Isabelle Guis is chief marketing officer of Egnyte (opens in new tab), overseeing global marketing, product, and go-to-market strategies. Prior to Egnyte, Isabelle served as EMC’s VP of marketing for the Public Cloud Solutions Group and Enterprise Storage Division.