Blog, Events & Press

19 Jun

Shedding Light on Shadow IT

Shedding Light on Shadow IT Keyboard

Your employees aren't doing it to be sneaky or malicious.

But, sometimes, to get the job done, individuals or teams need a tool or software beyond what the IT department can provide. Or they need it fast, and IT cannot meet the quick turnaround needed with complex ticketing and hierarchy in place.

More and more, IT departments are shining a light on Shadow IT - the systems and solutions built inside a network without IT approval.

According to HDI Research, 89 percent of IT departments said they recognize Shadow IT going on in their networks. More than half of the organizations surveyed (56 percent) said they are concerned about Shadow IT; 33 percent said they are somewhat concerned, and 11 percent said they are not concerned.

Organizations are right to be concerned.

Shadow IT can pose massive security threats as unknown and unauthorized individuals could be downloading things that negatively impact or slow down the network. Shadow IT can lure viruses to the network. Users could accidently reconfigure a router or change a password, leaving IT scrambling to find a solution quickly when something is off.

But, a healthy dose of Shadow IT could also benefit the network. It could give IT leadership and an opportunity to learn why internal end users are creating something new. If half of the employees are utilizing a new application to complete a project quickly, it might be a worthwhile investment for the organization to implement the software company-wide.

Organizations, today, are uncovering Shadow IT in their networks in a few distinct ways. Often, IT departments learn about Skunk Works projects by word of mouth. Sometimes, another employee will report the IT-unauthorized project to the IT department. But more and more, organizations are turning to digital infrastructure monitoring to uncover Shadow IT usage.

To effectively monitor for Shadow IT, you'll want to deploy a tool that provides a discovery process and reports when new devices and tools are added. You'll also want a tool that alerts when there is a certain threshold reached on links, routers and servers. By monitoring in this way, you'll know as soon as something is added or changes on the network.

Even with monitoring, organizations are faced with a daunting decision - do you keep your network completely open and give free range for employees to participate in Shadow IT? Or do you place strict rules and firewalls up so employees have to go through IT for each and every request? Both will cost you.

Locking things down costs more upfront since the organization will need to employee a bigger IT department to handle requests. But you could save more in the long run. And remember, the more you regulate the IT process, the more employees will try to find ways to circumnavigate the process.

You will save money upfront if you keep the network open. But you could end up spending in a big way later down the road when your network is infected with a virus.

Instead of focusing on one extreme or the other when it comes to Shadow IT, consider these options:

  • Create a sub-IT team that has limited - not VIP - access to the network. These liaisons can allow for some Shadow IT, but also limit what could be detrimental to the network. Allow this team to sit in on IT security meetings, and tap them for feedback on the IT needs of the employees and end users.
  • Run a quarantined lab that gives all-out access and allow employees to experiment with new software and applications in a controlled environment.

Both of these advance options will also tack on extra spend to the budget, but it allows the enterprise to be much more responsive to the end user. Discovering Shadow IT on a regular basis will allow leaders to have a healthy dialogue about what software and applications can be added or removed by IT.

Network visibility is the hallmark of a mature IT organization. It allows the leadership to be more flexible with decision-making. IT departments that allow some Shadow IT will likely yield happier, more satisfied end users.

Looking for ideas on how to increase visibility over your digital infrastructure? Download our free whitepaper on 6 Steps to an Effective Performance Monitoring Strategy.

Six Steps to an Effective Performance Monitoring Strategy

Written by Mark Kromer
Product Manager, SevOne

Mark Kromer is a product manager for SevOne who has focused on analytics and big data throughout his 20-year career in IT and software development. Prior to SevOne, Mark was product manager, technical director and solution architect for Microsoft, Oracle, Pentaho and AT&T.

Subscribe To Our Blog