- Sales & CRM
- Business Intelligence
Shadow IT is a strange phrase. It implies implementing IT stealthily, away from prying eyes while not interfering with the day-to-day running of IT operations. The inference is that this is a small, covert operation carried out by a small sub-set of employees fighting against the large corporate.
But according to recently-published survey, that's far from the truth. Research from OneLogIn found that a whopping 71 percent of respondets had opted for a cloud service without being sanctioned by the IT department - that's not skulking in the shadows that's being out and proud.
We're not talking about a few products either. According to the survey, more than 56 percent of companies have at least four SaaS applications (and those the ones they know about). They're not standing still either: 77 percent of respondents expect the number of cloud applications to rise in the coming year.
And it's not just about software: 81 percent of respondents from the OneLogIn survey accessed company software from non-work devices such as tablets and smartphones.
With such numbers, it's clear we're not talking about a small movement of business people trying out the odd bit of software - we're talking about a wholescale revolt against an established way of working.
The problem is two-fold: by failing to involve the IT department, companies are liable to work in an inefficient manner, with much duplication of resources and costs.
The other problem is the implication for security. Davey Winder has set out the reasons why unsanctioned cloud is a problem for IT departments and what can be done about it.
But the OneLogIn survey also highlights the dangers: nearly 20 percent of respondents found that data had been accessed by someone who had left the company, a whopping 45 percent of organisations had the same security policies for on-premise and cloud and 34 percent of those surveyed had a policy of sharing passwords for public web applications (FedEx for example).
When 'shadow IT' moves out of the shadows into the mainstream, it's time for a new set of priorities. It would start to put a ban on the term 'shadow IT' and work out a new way of ensuring that IT and lines of business work together. IT security is a problem for everyone in a company and having a splintered approach will help no-one.