Shadow IT Goes Home: Risks and Advantages

by SGT University Best University in Gurgaon

Look back 20 years, where PCs were kept secure by locking them down and only approved apps and features were available. IT was responsible for sourcing, licensing and managing all workplace technology. Only those softwares were allowed, which were provided and managed by IT. There was the time, when access to the large parts of the web was blocked including social media as well and there was no expectation that, to access personal data, users would be able to access their PC’s at work. If something needed to be installed in PC, this always need an IT staffer to come to your work place and reliving you of your PC while applications were installed. Then with the changing times workers began to find apps or cloud services that helped them to accomplish the tasks without any say from IT. At this time IT had little response but to block those devices from accessing corporate Wi-Fi, which only seems to be powerful though not it is because connectivity came with the device. Cloud services were also becoming a greater influence at the same time both at work and at home. Non corporate devices came with free access to software services that could now be purchased for a small adhoc team.

This is shadow IT—employees and executives working out with their own personal set of tools, what they need to accomplish. Shadow IT refers to technologies, services, solutions, projects and infrastructure utilized and managed without following policies/ formal approvals and support of internal IT department. Shadow IT systems bypass the approval and utilize the unauthorized technology without the knowledge of their IT department.

While employees find themselves convenient to complete their tasks using shadow IT systems, the technology introduces risks which are unprecedented, inefficient and cost to the organization. The organization has no control and visibility into the data which is migrated to shadow IT systems. Security, data leaks and inability to perform disaster recovery measures involving data in shadow IT systems when required. When data is stored and used in multiple locations, system inefficiencies also arise. If the organization is not informed about the discrepancy in data, IT departments cannot plan for security, system architecture and performance across shadow it apps.

There are some instances where advantages of the shadow IT systems are more than the associated risks if support infrastructure fulfills the security and availability requirements. These include: Storage and backups, Data ownership, Data retention, Data classification, Access Control etc. are the advantages of Shadow IT system.

By understanding Shadow IT, the expectations and needs of users and the risk associated with it, organizations can transform Shadow IT into a system that drives disruptive innovations. Before that organization needs to devise strategies that work toward the collective goal of employees. If done correctly it will help the organizations to deliver better products into the market, faster and through convenient efforts on part of IT users at the workplace.

Kanishka Raheja Department of Computer science, SGT University Gurugram,