IT departments failing to get to grips with shadow SaaS

Huge security headache for IT professionals as users go elsewhere to meet IT needs

Employees are bypassing the IT department to procure cloud-based SaaS services because the authorised use of them takes too long to approve, according to a new survey.

A report by CipherCloud found that 81 per cent of employees admit to using unauthorised SaaS applications. This is despite security being a top concern for nearly two-thirds (62 per cent) of IT professionals.

The survey found that 38 per cent of employees deliberately went behind the IT department's back to adopt applications because the approval process in their companies is reportedly too slow.

The Shadow IT: Data Protection and Cloud Security report, said the cloud market was expected to grow 126.5 per cent this year, with the majority of growth in two areas; Software-as-a-Service (SaaS), growing at 199 per cent, and Infrastructure-as-a-Service (IaaS) at 126 per cent.

Over half of the survey respondents reported that they had more than 10 cloud applications in production, with 32 per cent indicating significant use of 51 or more cloud applications. This only includes those that IT is aware of and controls; it does not include shadow IT cloud instances.

While security of cloud apps was a top concern, 44 per cent of respondents also cited cloud performance as a worry, and 41 per cent said the time needed to develop cloud-related skills was stopping them from adopting cloud.

“Organisations are moving beyond curiosity about the cloud to actual deployment,” said Gigaom Research analyst George Crump. “SaaS is growing at 199 per cent and is the typical home for shadow IT. It is growing because end users are impatient with IT and looking for alternatives.”

The study revealed the most commonly requested cloud applications were those related to communications, file sync-and-share and disaster recovery, followed rapidly by CRM and other sales automation tools. 

"The research underscores the rapid adoption of the cloud by businesses both by IT and line of business employees," said Paige Leidig, chief marketing officer at CipherCloud. "It also reinforces security as a key concern and the importance of encryption to ensure data is fully protected and controlled."