Shadow IT is the moniker people in the technology industry have coined for applications that employees download that aren’t vetted for use on an organization’s networks.
For the better part of the past decade, IT administrators have universally demeaned unsanctioned software for use on company networks due to potential vulnerabilities that come with these applications and any phantom costs associated with their use. What may surprise you is that some organizations are rolling back their shadow IT policies.
Today, we will take a look at both ends of this issue.
Shadow IT is Bad
Let’s face it, most people working today have used technology for over 20 years. They may not be IT experts (they aren’t), but they aren’t novice users either. They can spot a tool when they see one. For the end-user, finding solutions to their problems through a simple-to-download application is a “no-brainer”, especially if the person is proficient with the unauthorized software. They won’t think twice before downloading the title.
The problem, quite obviously, is that the software being downloaded may have vulnerabilities upon download. If it’s allowed to fester without updates on a workstation for some time, it will likely have some.
Unfortunately, vulnerable software on a network endpoint is a hole in the network itself. We spend a lot of time on this blog talking about cyber security, and one of the big no-nos is leaving open holes in your network by not frequently patching and updating software.
Since the IT department or managed IT provider handles this process, if they don’t look for software to update (because they often don’t know it is there), it will likely be a problem before long.
What are the potential risks? There are a multitude. They include:
A lack of security
Without visibility and control over network-attached resources, IT management becomes much more difficult. If there is a potential that a piece of software can put a hole in your network, you are compromising the network’s security.
Problems with performance
If the implemented tool doesn’t mesh with the system it’s being downloaded with, the app’s performance–and thus the user’s–will be compromised.
If your organization needs to meet certain compliance standards, unmanaged software makes it almost impossible to meet them.
If IT management doesn’t know that software is on the network, it won’t be covered by organizational backup strategies, meaning work completed using shadow IT apps won’t be backed up.
You can see why IT admins and most decision-makers look at shadow IT as problematic.
Shadow IT is Good
There aren’t too many issues in life that are universally bad. There is always a bit of positive with anything, including shadow IT.
Recently, there has been a shift in how some organizational leaders and IT professionals look at shadow IT. Businesses always seek to increase productivity, get the most out of their available capital, and find solutions for problems.
Shadow IT, for all its problems, allows workers to accomplish all three of these fundamental goals. Additionally, it seems IT admins are coming around.
According to a study of 1,000 IT professionals, 77 percent believe that embracing shadow IT solutions can help companies grow quicker than their direct competition. That’s not all.
- 49 percent said that shadow IT boosts productivity.
- 45 percent said that shadow IT helps promote employee engagement.
- 40 percent said that shadow IT helps promote adherence to IT security requirements.
- 40 percent said that shadow IT would help reduce employee turnover.
This survey seemingly splits the IT community in half. Half believe shadow IT to be an active menace. Meanwhile, half believe there are strong benefits to promoting some shadow IT resources.
Now, I don’t know any IT professional that would be okay with employees downloading unauthorized software on company machines. Still, because shadow IT extends to employee-owned devices, there may be opportunities to allow employees to use the software they are most comfortable with on their own devices. However, just as long as the organization has made contingencies for it. Either way, taking in the numbers above, shadow IT is not considered the “biggest threat to your business” as it has been for the past several years.
If you would like to learn more about shadow IT, what it includes, or any other software and maintenance questions, contact our knowledgeable professionals today at (877) 771-2384.