Blog / What is Shadow IT?
Despite the dangerous sounding name, Shadow IT isn’t all bad.
It may sound like you have a hacker lurking the darkest corners of your network using illicit hardware for some nefarious but nebulous purpose, and you’d be justified in thinking that that’s what shadow IT is. Fortunately, the truth is far less dangerous, albeit not completely safe. That’s because, frankly, shadow IT isn’t at all what it sounds like, until you understand what it is. Then the moniker fits but isn’t nearly as scary sounding.
So what exactly is it? In a nutshell, shadow IT is the use of technology that hasn’t been authorized or sanctioned by your IT department. If this sounds like a somewhat broad and vague definition, that’s because it is. The phrase “shadow IT” can cover a wide assortment of both hardware and software, potentially including some apps and software services geared towards business and IT, such as Slack or Trello or Zoom. The key defining trait is that the technology itself is unsanctioned.
Examples of Shadow IT
As mentioned earlier, the use of any technology for work-related purposes and not authorized by your IT department can be considered a form of shadow IT, but that casts a wide net, so what are some real world examples of shadow IT in use?
- Smart phones are a prime source of shadow IT, as employees often like to download and sign into work-related applications onto cellphones and tablets for a variety of reasons. This isn’t a problem if you’ve given them the go ahead and have the ability to manage and remote wipe work files. But what happens when an employee downloads Slack for mobile without telling anyone? That’s shadow IT.
- Mirror IT is another form of shadow IT that should be noted, not exclusive to smart devices but definitely common to them, where employees use sanctioned applications on unsanctioned devices. A prime example of mirror IT is providing employees with work phones, only to have them download and sign into the same applications from their personal phone.
- Communication and productivity apps are another common source of shadow IT, when employees who are frustrated by existing internal services being using external ones for work, such as trading out Teams calls for Zoom conferences when they can’t get the former to work.
- Cloud-storage can be another cause of shadow IT if employees are storing work files in unsanctioned Dropboxes or personal iClouds for whatever reason.
Regardless of the cause, it’s important to remember that shadow IT isn’t necessarily a bad thing, at least not entirely, and can even help employees handle technical issues without relying on internal resources. Of course, any business data that winds up outside your organization without authorizations is a serious concern, but remember that it’s not necessarily maliciously motivated, so taking the time to learn why employees are using shadow IT and how to manage it properly is important. We’ll delve into some more use cases and other potential benefits and risks next time, but if you’d like help wrangling yours in meantime, contact a TRINUS IT professional today for some stress-free IT.