3 Ways to Expose Shadow IT

In our SaaS-filled world of easily-acquired cloud software applications, there is a quietly growing pitfall lurking within the shadows which, if not exposed, can cost you both time and money.  Here’s how you can shine a light on the growing problem of shadow IT.

More than ever it’s easy for employees to discover, sign up for, and implement cloud solutions.  In fact, the process has become so fast and painless that many employees opt to bypass any IT department approval or vetting in exchange for speed and immediate functionality.  This unauthorized acquisition of software is called “Shadow IT” – and yes, it has most likely seeped into your organization.

According to a 2017 report by Gartner, it’s estimated that up to 50% of a company’s software application spend is made up of shadow IT.  In other words, half of what the organization is paying for are “rogue” applications that never went through an IT vetting process. It’s a feasible statistic when you consider how easy it is to sign up for cloud solutions (many of which offer “free” versions) and how quickly usage can spread within a team or unit when dealing with collaborative SaaS services.

The causes behind shadow IT are most often based on good intentions.  Why might some employees go rogue with their IT usage?

  • Urgency – They have looming deadlines and pressures they don’t want to risk derailing by waiting on IT approval.
  • Functionality – Endless options of SaaS means there are niche solutions that fit every need, which can be appealing to a handful of employees, but not cross functional enough for an IT unit to approve.
  • Familiarity – The workplace landscape is more fluid than ever, and with that comes a variety of software knowledge.  Often, new employees like to incorporate solutions they’ve used elsewhere so they can hit the ground running.
  • Naivety – Employees simply don’t know they’re doing anything wrong because their proper IT request protocols haven’t been clearly defined and shared.

Employees are simply trying to do their jobs well.  Unfortunately, their well-meaning intent can culminate in unexpected organizational issues including workflow disruption, unaccounted budget strain, and security risks caused by the potential exposure of sensitive data.  

Ultimately, the purpose of a modern IT unit is to not only design but also build and manage a technical infrastructure that works seamlessly, safely, and within budget.  Fulfilling the functional needs of the organization while respecting IT oversight is the balance that every business should strive for, but first you need to recognize the mess.  

Here are 3 ways to illuminate shadow IT at your company:

1. Look for Bread Crumbs

Email, Slack, Microsoft Teams, Confluence, Asana, Trello… businesses today use many forms of official communication to interact and manage projects.  Super admins can set up searchable keywords on those platforms for names of software that are potential shadow IT culprits–unearthing correspondence such as registration emails, product updates, and so on, and providing a great method to expose any services that have been unknowingly implemented.

Shadow IT quietly emerges, but it doesn’t come out of nowhere. Monitoring communication channels like Slack or Email allows IT admins to flag registration, product updates, or discussion regarding unauthorized software.

Remember, this isn’t about placing blame or punishment, it’s about creating transparency.  Discovering these unauthorized services will help you understand the functional needs of your staff so you can better support them in an official capacity  In most instances, employees are necessary in identifying a workflow need while the IT department can find and implement the best solution. Bringing shadow IT to light, and then following up with productive action to solve for it, will help earn the trust of your staff and reduce future instances of unauthorized IT usage.

2. Review Your Existing Toolset

Sometimes employees don’t understand the full range of capabilities the tools currently at their disposal can offer.  IT should compare and contrast shadow IT applications against the features of existing IT infrastructure and services.  You can usually find significant overlap, and often it’s simply a matter of further employee training to resolve the issue. 

If overlap exists, the next step will be helping to migrate data and workflows from the shadow IT application to the existing, authorized service. This is best done piece by piece, keeping the learning and comfortability curve easy (a steep curve could be met with immediate pushback and  disregard among staff.) Maintaining functionality and budget is important, but what will truly keep shadow IT from popping back up is creating users who are happy with how their software performs.

Much like the technology used, an IT team must also be woven into an organization. Holding regular workshops to discuss IT workflow needs and usage is a great way to avoid future shadow IT from developing.

 

3. Create a Feedback Loop

Part of the problem that leads to the existence of shadow IT  is a lack of communication. Creating an open feedback loop where employees can regularly express IT needs, concerns, or ideas is a great way to make IT efforts more inviting, collaborative, and predictive to the needs of staff and business.  This can be done in a variety of ways, such as a quarterly meeting, Slack channel, Confluence page – whatever method is most accessible to the staff at large… just so long as an approved SaaS is being used!

The Light in the Darkness

Shadow IT can create big problems but can also be a great opportunity for revenue-friendly change.  Because they are involved in the day-to-day operations, employees are often the first to recognize pitfalls or inefficiencies that have a financial impact to the company.  So you don’t want to discourage forward-thinking when it comes to IT solutions. The goal is to eliminate shadow IT but maintain the good intentions that cause it–magnifying the benefits to both the company and its staff.  By following the above three steps, you can stay at the technical forefront of your industry, find savings to your bottom line, and create a healthy IT culture within your organization.

To find out how IT spend management can reveal shadow IT within your organization, fill out the form below:

About The Author

Sameer Hilal is co-founder and Chief Operating Officer of vCom Solutions. He effectively leads vCom to be an innovator in IT Spend Management, providing customers an award-winning software platform and a seasoned team of professionals with subject matter expertise to manage the entire lifecycle of their IT assets. Under his leadership, vCom has successfully deployed and managed global networks, supported enterprise mobile and IoT solutions, overseen multiple collaboration technologies, and integrated innovative Cloud solutions. vCom has maintained 98% customer satisfaction for the past 12 years, and has been recognized as one of the top 50 best places to work in the US in 2019. vCom has also earned recognition as a Best Place to Work in the SF Bay Area for 12 consecutive years, and a green business for the past 8 years. Sameer has worked in technology management and software development for more than 20 years. Prior to vCom, Sameer held positions as VP of Operations for a leading systems integrator of enhanced voice and network services; and as Director of Technology for a leading radiology medical group. Sameer earned his Bachelor’s degree in Physics with a minor in Biology from Boston University.