Skip to main content

Shining a light on Shadow IT

The IT department is a busy place. It is responsible for setting up the company network, provides each workstation with a working machine, keeping everything going and looking after security and stability.

A tall task in any organisation and this is when users are playing by the rules. However, IT managers are increasingly having to contend with an additional source of pressure: shadow IT.

Many departments or individual employees slip under the radar and procure applications without the knowledge or authorisation of IT. The issue was highlighted in a study by PricewaterhouseCoopers (PwC) which found that between 15 and 30 per cent of IT expenditure in the companies surveyed took place outside the official IT budget.

BYOD adding rationalisation for employees 

This rapid expansion of IT has become an issue for all IT managers with what has been dubbed “Shadow IT”. The term describes the use of “non-approved IT products and services,” or “all applications that are acquired without the IT department's involvement”.

But why the sudden boom in “Shadow IT?" With so many devices being brought into the workplace, Bring Your Own Device (BYOD) is encouraging its spread and to a certain extent legitimised it in many companies. Despite this, it is not employees' own devices that are causing the issue. It is the software and applications that come with them. Monitoring social media platforms and cloud-based applications is very difficult. Staff can use platforms such as Facebook Messenger and Dropbox to send files between themselves and run applications without the IT manager having visibility of it.

The use of non-approved software can have an adverse effect on the network. Its usage can consume a large amount of bandwidth which in turn can slow the network down. This can also cause issues when it comes to compliance and sharing data. This can add to the already busy workload of IT departments and imposes an unwanted additional financial burden on them.

The problem is widespread. Half the IT managers in the PwC study believe that 50 per cent of their budget is being consumed by the management of shadow IT. This is not what is wanted or needed by IT administrators. In a survey of 400 IT administrators conducted by the network specialists Ipswitch, 12 per cent named “shedding light on shadow IT” as their number one wish. They also revealed day-to-day work would be made far easier if users revealed what applications they have installed on their work computers.

Below par procurement processes 

If it is causing so many issues, why are departments still procuring IT under the radar of the IT department? How are they getting away with it? Three reasons were highlighted in both of the studies and in one-to-one discussions. These were:

  • The IT department is too sluggish and too weak in terms of action.
  • The IT department lacks the expertise needed to provide and operate certain applications.
  • The IT department is too expensive and too complex. The business analysts, Gartner predict that by 2020 at least 90 per cent of the IT budget will be managed outside the IT department.

One of the most important reasons why shadow IT is flourishing is that IT procurement processes in the majority of companies are currently ailing. Processes have been around for decades and now they must be re-thought and re-designed.

The needs of the staff who are operating in the shadow also need to be considered. Organisations need to focus on these needs and consider what is needed to make employees more efficient, more effective and ultimately happier whilst moving out of the shadow.

Opening a dialogue with employees

Staff do not on the whole deliberately wish to circumvent IT procedures. They usually have a specific and acute problem that they need a solution to quickly. Naturally it is far easier for staff to use a cheap cloud-based solution from the Internet than to initiate lengthy IT procurement processes.

Consumer-based apps such as Dropbox are seen as an easy way to transfer data and these apps are used in users’ everyday lives. Why should they not do the same at work? When a large file can’t be attached via email, employees can just quickly create a link to Dropbox and the matter is swiftly dealt with. It’s all too simple.

Five steps to solving Shadow IT in the workplace

IT departments need to focus on how they can solve the problem of employees using these platforms instead of working against them. These five steps can alleviate the impacts of shadow IT and encourage a dialogue and further cooperation with staff:

  • IT departments should be using a network management solution. This will identify unauthorised apps being used on the network before they start to cause problems. A flow monitor is one such solution.
  • The network’s bandwidth usage must be visible to help understand the issue. The IT administrator needs to know where users, devices and applications could be pushing network capacity to its limits. From here, action can be taken.
  • A monitoring system that immediately identifies problem devices is needed. Who has access to what and via what device?
  • Problematic areas that cause the network to slow down or fail must be identified and resolved faster. This can be aided by having clear visibility of the network.
  • To prevent the use of cloud services by employees, organisations need to look at their own applications and implement similar tools for employees to use. This will help secure data and ensure compliance rules are adhered too.

Controlling the impacts of the shadow

Shadow IT can also aid businesses. Many businesses have realised the benefits of shadow IT – whether in relation to simple procurement or a rapid solution to a work-related problem.

However, this can only be realised if the environment does not require high security. It is not about simply getting rid of shadow IT, but about casting as much light on the darkness as possible and giving visibility of what is happening on the network. To attempt to blank out shadow IT or deny its existence would be to be blind to reality.

Monitoring tools can help safeguard the network’s performance, monitor the availability of applications and prevent misuse. Above all, though, it is essential to subject established IT procurement processes to thorough scrutiny and make them leaner and faster.

Alessandro Porro, vice president of international sales, Ipswitch

Image source: Shutterstock/Stefano Tinti