Shadow IT? Sounds shady...
Have you ever heard of the term “Shadow IT”?
It refers to a range of technology solutions consumed by users within a network that are not sanctioned by the business. A good example of Shadow IT is a staff member utilising a cloud based file storage tool (Dropbox for example) to access information from outside the business network to continue working from home.
Sound familiar?
The intention of the user in these cases is not necessarily malicious, but it can create major headaches for businesses and IT teams down the track. Where Shadow IT exists, the business no longer has control over the security of the information and data, equating to risk of losing the information due to malpractice or otherwise.
Um, where did I save that?
This might come as a familiar story to many.
But why does Shadow IT exist?
Generally, users will resort to using Shadow IT when the business tools provided to them are not as well aligned to them achieving their objective as the shadow IT solution, or their knowledge of the shadow IT solution is greater than that of the tools provisioned by the business. Technology is designed to remove barriers, not create them, and the path of least resistance is often the path that is chosen.
So how can you stop it?
There are two ways to minimise the adoption of shadow IT within your business.
The first is education. Educating your users on both the technology stack that you have, and how to most effectively utilise it are paramount to minimising the adoption of Shadow IT solutions. It is also important to educate users of the potential risks of using Shadow IT, both in the context of potential implication to the business and its interests, and their personal liability in the event of incident.
The second is to provide the right tools to enable users to achieve their objectives in a secure and efficient manner. Where the right tools to complete their work do not exist, Shadow IT will thrive.
What now?
The first step is to plan your user education and training. Educate them on the importance of using technology provided by the business, and arrange training for your users to enable them to succeed with the technology provided.
The next step is to identify where Shadow IT exists, and bring all information and data back from these systems. You will need to ensure that all copies of the information have been removed from any location other than your corporate network environment to ensure integrity of data. I’d suggest completing this as an internal initiative with your users, trusting they will offer each other peer support to finalise the initiative.
And finally, as a by-product of this initiative you will undoubtedly hear from your users where the inadequacies in your current technology stack exist. This will be an opportunity to identify the gaps, and plan to fill those gaps with a broader technology offering.
Need help?
The team at ServiceScaler and I help businesses with challenges like Shadow IT every day. With a wealth of experience in managing IT systems, and consulting to firms on IT best practices, ServiceScaler can help you to get your IT systems under control, and protected for the future.