Is it time to recalculate the rewards ‘Shadow IT’ brings to information technology and redefine the risk to your business?
Shadow IT is the use by employees of unauthorised cloud applications and services, such as Dropbox, Google Docs and OneDrive. This definition does not imply these apps and services are inherently dangerous or insecure, simply that they have not been authorised for use by the IT department and so are often invisible to security controls. The Businesses @ Work report from secure identity management specialist Okta reveals that 56 per cent of apps used within the average enterprise are not provided and authorised by IT, and this is up from 48 per cent the previous year.
What’s more, the latest Cloud Security Report from Intel Security shows 74 per cent of UK businesses have a public cloud service in use that has been commissioned by departments other than the IT department. That statistic of 74 per cent is interesting as it’s above the global average of 66 per cent. “In the UK at least, shadow IT is becoming almost the norm,” warns Raj Samani, chief technology officer for Intel Security in Europe, the Middle East and Africa. Overall visibility of shadow cloud services dropped by 4 per cent last year, according to Mr Samani, so is this a problem needing to be tackled before we can ever really consider shadow IT to be a good thing? Indeed, should it be blocked altogether?
