Shadow IT: what is it and how to combat it
Does circumventing the IT department pose a threat to your business’ most vital information or is it actually...
Allowing employees to install their own applications may boost motivation, but the challenges it presents to the IT department could prove to be too much for them to handle.
Gone are the days when employees had to wait for IT departments to install and provision applications for use in an enterprise environment. With rolling contracts for cloud-based services, including storage and collaboration platforms, social networks and more, it’s simple for anyone to sign up to a cheap service using their company credentials.
Using applications an employee may find best for the job could increase productivity and motivation, but this act of Shadow IT is having an impact on businesses, particularly through the extra pressure it’s putting on IT departments.
If everyone in an organisation decides to use the software or applications they want to use, it means there will be little consistency across organisations and employees will struggle to collaborate and communicate with their colleagues or even clients.
For example, if one employee uses Dropbox to share big files and another uses Google Drive, they won’t be able to see changes in real-time across both platforms. Similarly, if both Slack and Skype are used for instant messaging, only some employees will be able to take advantage of its file-sharing function.
When an IT department doesn’t know which applications are being used, it can’t monitor them or the data they share through the network. Unmonitored applications and data passing through the corporate network could leave it open to attack, or data unsecured, ready to be stolen and distributed around the dark web.
It’s unlikely consumer services are encrypted to enterprise standards and, added to that, employees might share user names and passwords with other corporate services rather than setting up credentials for each service. If this information falls into the wrong hands, it can lead to criminals accessing confidential data related to the company or its clients.
Applications not implemented by IT can also cause a whole catalogue of technical problems: files inadvertently installed on a computer might contain malware or an update might not be supported by a device’s operating system.
Fixing these problems puts extra pressure on the IT department, which should be concentrating on innovation and strategy rather than fixing technical problems with user machines.
To overcome these issues, it’s important to communicate with all employees and discuss which applications are most useful for particular tasks. Keeping this two-way communication open will mean it’s unlikely staff will go behind your back and install the applications they want to use.
Offer training to those who aren’t as enthusiastic about using new technologies to help them understand the benefits, and educate all staff about the dangers of using unprovisioned applications and the same user names and passwords that they use for applications outside the network. Not only is company data at risk, but so is their personal data.
Although the problems of Shadow IT are unlikely to disappear completely, it’s essential to keep up with current trends. Communication with staff is key to ensure that even if they do decide to use applications not monitored by the IT department, they are used in the safest way possible.