Shadow IT Isn’t so Shadowy Anymore
In a blog we posted back in October – Cloud Computing Solutions Proliferation: Blocking and Managing Usage – we discussed how cloud-based apps are becoming more and more of an issue as IT departments try to protect their networks from external threats.
While cloud computing solutions are often portrayed as a panacea for dysfunctional IT systems, they can easily create as many problems with infrastructure, systems management, security, application configuration, and data access as they solve. Cloud computing solutions are all about changes to your environment and level of control over asset storage, security, workflows, and data availability. However, much of what runs across your existing IT landscape today is actually very predictable and probably doesn’t need the extreme flexibility touted by cloud technology and service vendors. That’s why IT departments today need to reassess cloud computing and where it’s needed most.
A recent Stratecast Frost & Sullivan report commissioned by McAfee presented some interesting findings that will clearly cast doubt on IT’s ability to control Shadow IT.
More than 80 percent of survey respondents admit to using non-approved SaaS applications in their jobs… and while a particular SaaS application may not have been approved by IT, it likely is being overtly or tacitly supported by the employee’s own department. This indicates that corporate and departmental policies or practices may clash—with the department winning.
Not only are most employees using non-approved cloud-based apps in their organizations, they’re doing so with the approval of their departments. IT is essentially losing control of the use of apps and the cloud all together.
The report also unveiled the following interesting tidbit which could further hinder IT’s ability to control SaaS in their organizations.
Another surprising revelation is that IT users are even more likely than LoB users to adopt non-approved SaaS. Furthermore, IT employees use a higher number of non-approved SaaS applications than LoB. It appears that, in acting as the guardian of corporate technology, the IT department considers itself exempt.
If IT is part of the issue, what can companies do to protect their networks and data from this source of risk? Check back shortly. Our next blog will cover five ways to protect yourself and your network from Shadow IT. In the meantime, do those stats above surprise you at all?