How Can You Fight Shadow IT?
Overcoming Shadow IT in order to gain visibility in your company is the 56th reason to go beyond Telecom Expense Management and manage your Enterprise Digital Footprint.
The concept of Shadow IT is new concept and it can be hard to understand its intricacies, and even harder to manage it in a modern business. For those that know what it is, you’re probably wondering how you could possibly control and benefit from it. Those that think that overcoming it is possible, well, you’ve come to the right place to learn more. Happy reading!
What is Shadow IT?
According to Gartner, Shadow IT refers to every IT devices, software and services used without the consent of the organization’s IT department. This means that the department never agreed to the purchase of a service or isn’t even aware of it, making it more difficult to track its costs and usage. Based on a study by Gartner, 30% to 40% of an organization’s IT expenses are linked to Shadow IT, and according to the Everest Group, it would represent a 50% increase in the expected IT expenses. In addition, uncontrolled purchases in technology could lead to an average 30% in monetary loss (Amalgam Insights, 2017). As if it wasn’t enough, 72% of CIOs don’t know how many Shadow IT applications are in use in their organization (Tech Pro Research, 2015).
Between you and I, after seeing those statistics, it is much easier to understand how much Shadow IT can affect your organization, as well as the consequences and risks it comes with.
Why would employees use these services without authorization from the IT department? The answer is simple. We live in a society where time is money. People want to save time by not having to go through long processes to obtain IT services. On the other hand, we often don’t see the negative aspects and risks our decisions may have when we try to hurry up to save time.
That’s when consequences start tumbling in. Tracking becomes difficult since it’s complicated to know what was bought, when and by whom. Usage is no longer restricted by the measures put in place by the IT department. All of this causes an increase in workload and costs of what was planned in the allocated IT budget. Another consequence, and not the least of which is that according to another study by Gartner, by 2020, one third of successful cyberattacks will target Shadow IT devices and services.
With so many devices and services unapproved by the IT department, how can we expect them to keep track of it? You need a solution.
Multiple Ways in Which You Can Fight Shadow IT
Thankfully, there are many practices that can be introduced in your organization to reduce the adverse effects of Shadow IT, and maybe even overcome them. Without further ado:
- Understand why your employees use Shadow IT: Since people now work from many places, whether it’d be from the office, their home or even on the road, they must have access to software and online tools, quickly. The ultimate goal of every employee using Shadow IT is to work quickly and efficiently, not to undermine the company.
- Analyze how your employees use Shadow IT: There is no better way to understand a problem than by trying to analyze it. Understanding what drives the employees to use them. It’s important to address the issue directly with those that use the tool. Survey your employees to gather data and you’ll be able to come up with a strategy enabling you to change your employees’ habits.
- Determine if the usage of Shadow IT can be a threat to your company’s technological security: It’s obvious that using unidentified products and services can create risks of breaches cybercriminals can attack. It is important to insure that these devices are identified in order to control them and verify that they pose no risks.
- Assess the potential value of Shadow IT in your company: As it has already been mentioned, employees don’t turn to Shadow IT for the wrong reasons. They are better suited to know which tools are the most efficient or the more adapted to accomplish their task. Maybe the department could adjust with the users to see if adopting these new devices and services would be for the best. It could also be the ideal time to ask yourself if the adoption process for new services is not too long or inadequate.
- Use a Self-service tool through your TEM platform: A TEM software is already a formidable tool to manage your company’s technology expenses. If your provider is like Cimpl, and also offers you the possibility of to have a Self-service tool, then you’re really fortunate! This will allow your employees to trigger entirely automated processes to request new services or assets. Sounds like Shadow IT, doesn’t it? You’re right; the difference being that the decisions taken with the Self-service are all tracked in the software, and thus accounted for by the IT department. With the Self-service also comes the automation processes. Indeed, thanks to this software, you can automate tasks to save time.
- Keep an eye out: After putting all of these measures in effect, it’s still important that you keep an eye on your employees’ behaviour to make sure no devices or services are overlooked.
There, now you should understand all there is to know about Shadow IT, the risks associated to it and how to overcome them. However, if you have other questions, contact us directly at Cimpl for more details. Our experts will be happy to help you!
Written by: Charles-Olivier Payette