Shadow IT is the moniker that people in the technology industry have coined for applications that employees download that aren’t vetted for use on an organization’s networks. For the better part of the past decade, IT administrators have universally demeaned the use of unsanctioned software for use on company networks due to potential vulnerabilities that come with these applications and any phantom costs associated with their use. What may surprise you is that some organizations are rolling back their shadow IT policies. Today, we will take a look at both ends of this issue.
Let’s face it, most people working today have been using technology for over 20 years. They may not be IT experts (they aren’t), but they aren’t novice users either. They can spot a tool when they see one. For the end-user, finding solutions to their problems in the form of a simple-to-download application, is a no brainer, especially if the person is proficient with the unauthorized software. They won’t think twice before downloading the title.
The problem, quite obviously, is that the software being downloaded may have vulnerabilities upon download; and, if it’s allowed to fester without updates on a workstation for some time, will likely have some. Unfortunately, vulnerable software on a network endpoint is a hole in the network itself. We spend a lot of time on this blog talking about cybersecurity, and one of the big no-nos is leaving unpatched holes in your network by not frequently patching and updating software. Since the IT department or managed IT provider handles this process, if they don’t look for a software to update (because they often don’t know it is there), it will likely be a problem before long.
What are the potential risks? There are a multitude. They include:
You can see why IT admins and most decision makers look at shadow IT as problematic.
There aren’t too many issues in life that are dialectically bad. There is always a bit of positive with anything, including shadow IT. Recently, there has been a shift in the way that some organizational leaders and IT professionals look at shadow IT. You see, businesses are always looking to increase productivity, to get the most out of their available capital, to find solutions for problems. Shadow IT, for all its problems, allows workers to accomplish all three of these fundamental goals; and, it seems IT admins are coming around.
According to a study of 1,000 IT professionals, 77 percent believe that embracing shadow IT solutions can help a company innovate quicker than their direct competition. That’s not all.
This survey seemingly splits the IT community in half, with half believing shadow IT to be an active menace and half believing there are strong benefits to promoting the use of some shadow IT resources. Now, I don’t know any IT professional that would be okay with employees downloading unauthorized software on company-owned machines, but because shadow IT extends to employee-owned devices, there may be opportunities to allow employees to use the software they are most comfortable with on their own devices, just as long as the organization has made contingencies for it. Either way, taking in the numbers above, shadow IT is not considered the “biggest threat to your business” as it has been for the past several years.
If you would like to learn more about shadow IT, what constitutes shadow IT, or any other software and maintenance questions, call our knowledgeable professionals today at 866.625.3560.