Shadow IT is not a new term, but it has become discussed and paid attention to particularly over the last year. With the SaaS inventory being about 20 times bigger than what CIOs presume, more and more companies are looking at what they can do to manage SaaS better, how shadow IT is affecting them and whether it also brings some benefits for the organization, in addition to issues.
Purchasing software that requires on-premise install is no longer attractive, is considered clumsy and counter-productive.
SaaS applications are self-served, easy to sign up by anyone and can be used right away. Free trials, freemium models and affordable pricing further encourage the adoption and evaluation of new SaaS assets.
We see SaaS tools becoming well connected and communicating with each other, with data easily being shared across them.
With the majority of the current workforce being born in an era of software solutions, we are accustomed to researching, evaluating, choosing and using software, daily.
It’s true that shadow IT is mostly assumed to be bad for the organization, and people who sign up for those non-monitored SaaS tools considered to be breaking the corporate rules and discipline. But, shadow IT also poses certain advantages:
The variety of SaaS tools used allow for increased productivity, which boosts employee motivation and engagement.
The people bringing the shadow SaaS tools in the organization may as well be contributing a lot to innovating the company, they are moving away from the decision of the group and rather, choose to go for a tool that others may not have opted for using.
When employees are more flexible with signing up new SaaS tools, they get used to being on the lookout for better and more innovative technologies. This contributes to establishing the company as a modern and technologically advanced organization, and makes it far more competitive.
With technologies being improved on a daily basis, ITs need to meet really high standards for their own work.
The uncontrolled use of many SaaS tools across the organization also brings a lot of headache for the IT teams and employees alike:
This accidental discovery of new software requires the IT to start tracing who signed up the software, review and approve it for use, and then take ownership for it.
When separate employees or teams are signing up for different software, collaboration is impacted and may be clumsy and inefficient.
Security issues occur since company and user data is now available to more SaaS tools which makes security attacks an event that is more likely to happen.
Company and customer data may be shared with numerous SaaS tools, without clear idea of whether this data can be exposed, resold, shared, etc. and with no control on who can access this data
ITs usually realize the existence and size of shadow IT in the organization quite late in the time. Then, they need to act against the employees who have broken the rules - they may discuss the issue with them, block the shadow software from being used or take the needed steps to vet it. In any case, however, this causes some personal tension between ITs and the employees. And if ITs find out about the shadow software usage many months later, this tension may be quite strong, following their concerns on the potential security and data sensitivity risks.
But, employees simply do not see the shadow IT issues from the standpoint of ITs. They cannot realize the data breach and security risks they exposed the company to, because they are not qualified and trained to understand and deal with them.
It is clear that hindering the employees’ adoption of new SaaS tools is not an option for resolving shadow IT. Employees should, rather, be working together with ITs and business leaders on uncovering shadow IT, so the advantages of the newly adopted SaaS tools can be used in full, without compromising the corporate risk, compliance, security, etc. In addition, companies should be getting support from technologies like Oveo SaaS management platform to automatically discover shadow IT using data from browsers, single sign-on tools and so on.
To start with, companies should be clear on the people who are keen about experimenting and testing new software - the early adopters. It should encourage them to research the latest SaaS innovations and products in their field, teach them how to assess their compliance, security, data sensitivity, etc. Thus they would efficiently collaborate with the IT team and support them.
Then, the company should educate their employees on the costs behind shadow IT, as well as about the hidden costs and risks. It should give clear examples of possible data breach situations created by SaaS assets. Thus, employees can still be productive and motivated to keep innovating, but also will be attentive and careful when picking the best software to use.
If you are keen to find out how Oveo SaaS management platform can support your efforts to eliminate shadow IT - contact us for a personalized demo!