Why to Bring Shadow IT Into the Light | 7wData

• Read original article here

Shadow IT is the unauthorized use of software, hardware, and cloud services. Typically, users skirt official IT channels in order to complete their work faster and easier. If they secretly use these things for other purposes, then that’s a far more serious security concern for the business. But by and large, there’s fruit to be harvested on both sides of this forbidden tree.

“In this era of hybrid and remote work, having some tolerance for shadow IT and enabling employees or their departments to choose their own tools can have great benefits,” says Eric Christopher, CEO of Zylo, a SaaS management provider.

But it’s not just the changing nature of work that’s causing businesses to do a double take on Shadow IT. Plain exhaustion and too few hours in the workday are driving its adoption, too.

A Economic Intelligence Unit report underscores the unsustainability of current IT processes, finding that “IT backlogs are significant and IT's control over the digital infrastructure is slipping.”

But that’s understandable. IT teams are understaffed and overwhelmed after the sharp increase in support demands caused by the pandemic, says Rich Waldron, CEO, and co-founder of Tray.io, a low-code automation company.

“Research suggests the average IT team has a project backlog of 3-12 months, a significant challenge as IT also faces renewed demands for strategic projects such as digital transformation and improved information security,” Waldron says.

There’s also the matter of employee retention during the Great Resignation hinging in part on the quality of the tech on the job.

“Data shows that 42% of millennials are more likely to quit their jobs if the technology is sub-par,” says Uri Haramati, co-founder and CEO at Torii, a SaaS management provider.

“Shadow IT also removes some burden from the IT department. Since employees often know what tools are best for their particular jobs, IT doesn’t have to devote as much time searching for and evaluating apps, or even purchasing them,” Haramati adds.

In an age when speed, innovation and agility are essential, locking everything down instead just isn’t going to cut it. For better or worse shadow IT is here to stay.

“Putting the decision-making power into the hands of teams, not just IT, empowers employees to procure the tools they need to do their jobs when they need them -- making shadow IT a source of innovation and agility. And this ultimately leads to two things: better adoption rates and a stronger employee experience,” says Zylo.

Besides, it’s not like companies really have any choice.

“Good luck trying to stop shadow IT as that ship has sailed,” says Ahmed Datoo, CMO at Alkira, a cloud network as a service provider.

There are clear downsides to Shadow IT as well and being too quick to embrace it can lead to certain disaster, and not only due to the predictable and significant rise in security vulnerabilities.

“When employees who control the root accounts associated with these shadow IT assets leave the company, confirming that access to these assets has been revoked, or gaining any access to the orphaned accounts at all, can pose a significant challenge. In severe cases, this might lead to a disruption of key business processes,” warns Dan Trauner, senior director of security at Axonius.

That makes managing shadow IT assets and data stores absolutely essential. The first order of the day is to take an inventory of shadow IT assets, often using a SaaS management platform (SMP) and other asset management tools.

“An entire category of security tools -- SaaS management platform -- exists to help connect to and parse these data sources to discover shadow IT.