{"id":8187,"date":"2014-07-29T10:00:24","date_gmt":"2014-07-29T15:00:24","guid":{"rendered":"http:\/\/www.mrc-productivity.com\/blog\/?p=8187"},"modified":"2022-11-22T11:20:46","modified_gmt":"2022-11-22T17:20:46","slug":"6-common-shadow-it-misconceptions","status":"publish","type":"post","link":"https:\/\/www.mrc-productivity.com\/blog\/2014\/07\/6-common-shadow-it-misconceptions\/","title":{"rendered":"6 common Shadow IT misconceptions"},"content":{"rendered":"

\"Education\"Summary: Shadow IT–a term used to describe unapproved IT systems and solutions used inside organizations–is growing rapidly. Learn a few common misconceptions surrounding the topic, why it’s so hard to control, and what your company should be doing about it.
<\/em><\/span>
\n<\/a>
\nA hotly debated topic, \u201cShadow IT\u201d is a term used to describe unapproved IT systems and solutions used inside organizations. According to this study<\/span><\/a>, over 80% of employees admit to practicing Shadow IT in their job. <\/p>\n

Why is this such an issue? First and foremost, it takes company data outside of IT\u2019s control. If employees (or entire departments) purchase and use third-party solutions, IT has no way of managing and securing that data. <\/p>\n

Imagine the problems caused by widespread Shadow IT adoption.<\/p>\n

The problem is, solving Shadow IT isn\u2019t cut and dried. Why? One reason: It\u2019s hard to identify<\/span><\/a>. You can\u2019t solve a problem if you don\u2019t know you have one. After all, employees won\u2019t tell the IT department that they\u2019re operating behind their backs. <\/p>\n

Another reason: It\u2019s surrounded with misconceptions. It\u2019s hard to solve a problem that you don\u2019t quite understand (or understand incorrectly). In this article, let\u2019s focus on some of those areas. Here are 6 of the most common misconceptions surrounding Shadow IT.<\/p>\n

1. Shadow IT is just an end user problem<\/h3>\n

We hear about Shadow IT in terms of business departments and employees. An employee may use an outside cloud solution without IT\u2019s knowledge. Or, entire departments may adopt third-party software products behind IT\u2019s back. <\/p>\n

But, did you realize that Shadow IT isn\u2019t just an end user problem? According to the same study mentioned above, IT departments are even more likely than business users to engage in Shadow IT. <\/p>\n

For executives trying to control Shadow IT, this adds an extra layer of complexity to the problem. Addressing Shadow IT doesn\u2019t stop with end users and business departments. It extends to the very employees in charge of securing your data. <\/p>\n

2. Shadow IT exists because IT Departments don\u2019t want to give up control<\/h3>\n

\"photo
photo credit: Found Animals<\/a> via photopin<\/a> cc<\/a><\/figcaption><\/figure>A common misconception held by business users, many assume that IT opposes outside software\/services because it lessens their control. In reality, IT departments oppose it because it creates security risks. After all, managing corporate data is their job. How can they manage that data if they don\u2019t know where it is?<\/span><\/p>\n

\n\u201cMany users don’t realize the importance of keeping IT in the loop,\u201d says Tom Scearce, senior product marketing manager at Attachmate<\/span>. \u201cIt’s the IT department’s job to track sensitive information that goes in and out of an organization and when people collaborate through a mix of email, FTP and third-party SaaS platforms it creates a messy file system that the organization’s IT experts can’t keep track of and exposes vital corporate information assets to a wide range of threats. If IT isn’t in the loop, it’s a problem.\u201d\n<\/p><\/blockquote>\n

3. Cloud services are secure enough for enterprise use<\/h3>\n

Some business users adopt cloud services behind IT\u2019s back, assuming they are secure. But, as we\u2019re learning with every new security breach, proper security practices aren\u2019t always practiced. Business departments can\u2019t assume that any third-party service includes the security measures required by the company. <\/p>\n

\n\u201cCloud-based services like Dropbox have become incredibly popular among business users because they’re easy to use and convenient, but users don’t realize that these services do very little to manage the risks inherent to file sharing in a business context,\u201d says Scearce. \u201cA common misconception is that cloud-based services are secure enough for enterprise use but groups, both legitimate and otherwise, have poked holes through the encryption of various cloud apps, showing that they lack proper encryption to prevent data breaches. This is incredibly important because it leaves organizations vulnerable to security breaches.\u201d\n<\/p><\/blockquote>\n

4. Shadow IT control = Controlling devices and software purchases<\/h3>\n

\"photo
photo credit: miniyo73<\/a> via photopin<\/a> cc<\/a><\/figcaption><\/figure>Too often, we focus on the symptom rather than the root of the problem. Shadow IT is no different. Businesses see employees using their own devices and purchasing third party tools, and assume that\u2019s the problem. <\/p>\n

Rather, they must address the root cause of that problem–understand WHY employees are doing that in the first place. To truly control Shadow IT, you must move beyond the misconception that it revolves around device and software purchasing control.<\/span><\/p>\n

\n\u201cMany organizations focus on devices and not users to address Shadow IT,\u201d says Matt Bingham, Director of Product Management at LANDESK<\/span><\/a>. \u201cThe reality is, if organizations focus on managing devices, they neglect to address the root of the issues around Shadow IT, which is the productivity needs of their workers.\u201d\n<\/p><\/blockquote>\n

5. Shadow IT is always a bad thing<\/h3>\n

One of the most dangerous misconceptions, many businesses approach Shadow IT like any other problem. They look for ways to stop it. Why is this so dangerous? As explained below, Shadow IT holds great potential for businesses. Approaching it as a problem keeps your organization from potential rewards.<\/p>\n

\n\u201cOne of the biggest misconceptions surrounding ‘Shadow IT’ is that it is inherently negative,\u201d says Fred Kirwin, Business System Analyst at Eliassen Group<\/span><\/a>. \u201cI don’t feel that’s the case. Shadow IT becomes a positive when the enterprise experiments with systems that may not be approved by the IT department because of a lack of experience or organizational politics. Piloting ‘unsanctioned’ technology, to cite one example, can help to serve as prototypes for larger projects. ” ‘Shadow IT’ can also be deemed a positive for an organization when it expedites the delivery of a solution to a problem within the business. A great example of this is within the realm of BYOD. Say your organization did not have in place the necessary mechanisms to use a specific device that your sales team needs to perform its duties. What happens? They adopt the technology on their own, which in turn, pulls the organization along with them. In such a scenario everybody wins.\u201d\n<\/p><\/blockquote>\n

He makes an excellent point. Shadow IT isn\u2019t a problem to be stopped. When properly controlled, it becomes an opportunity for your business, and can boost overall productivity. <\/p>\n

\n\u201cAt the end of the day, employees are hired, fired and compensated based on their ability to do their jobs,\u201d explains Kirwin. \u201cThe IT department may not have the expertise, time, budget or willpower to meet everyone\u2019s needs all of the time within the time-frame that they need it. Shadow IT may increase productivity and help the business.\u201d\n<\/p><\/blockquote>\n

6. There is a one-size-fits all solution<\/h3>\n

When approached as a problem, businesses seek a solution. The only problem: There is no one-size-fits-all solution for Shadow IT. Every business is different. Security needs are different. Users are different. How you approach Shadow IT may differ from how the company down the street approaches it. <\/p>\n

\n\u201cToo many departments use a one-size-fits-all approach,\u201d says Bingham. \u201cThe reality is that each organization is different \u2013 some have high security, some are more balanced and some have a completely open environment. To be effective, organizations need to customize their approach to their IT policy and how they will handle Shadow IT.\u201d\n<\/p><\/blockquote>\n

If there\u2019s no single solution to Shadow IT, what should you do? My advice: Don\u2019t try to stop it. After all, that\u2019s one big reason Shadow IT occurs in the first place. Users feel they can\u2019t get the solutions they need from their IT department, so they seek outside options. <\/p>\n

Instead of control, work on securely channeling Shadow IT. Understand what solutions they need, and securely implement those solutions. Give them a way to accomplish their goals, while giving your IT department control over data and user access. While there\u2019s no single solution for every company, that approach will help you turn Shadow IT from a negative into a positive. <\/p>\n

So, what do you think? Is there anything you would add to this list? If so, please share your thoughts in the comments.<\/p>\n","protected":false},"excerpt":{"rendered":"

Summary: Shadow IT–a term used to describe unapproved IT systems and solutions used inside organizations–is growing rapidly. Learn a few common misconceptions surrounding the topic, why it’s so hard to control, and what your company should be doing about it.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-global-header-display":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","slim_seo":{"title":"6 common Shadow IT misconceptions - mrc's Cup of Joe Blog","description":"Summary: Shadow IT--a term used to describe unapproved IT systems and solutions used inside organizations--is growing rapidly. Learn a few common misconceptions"},"footnotes":""},"categories":[8],"tags":[77],"class_list":["post-8187","post","type-post","status-publish","format-standard","hentry","category-education","tag-shadow-it"],"_links":{"self":[{"href":"https:\/\/www.mrc-productivity.com\/blog\/wp-json\/wp\/v2\/posts\/8187","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mrc-productivity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mrc-productivity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mrc-productivity.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mrc-productivity.com\/blog\/wp-json\/wp\/v2\/comments?post=8187"}],"version-history":[{"count":8,"href":"https:\/\/www.mrc-productivity.com\/blog\/wp-json\/wp\/v2\/posts\/8187\/revisions"}],"predecessor-version":[{"id":13981,"href":"https:\/\/www.mrc-productivity.com\/blog\/wp-json\/wp\/v2\/posts\/8187\/revisions\/13981"}],"wp:attachment":[{"href":"https:\/\/www.mrc-productivity.com\/blog\/wp-json\/wp\/v2\/media?parent=8187"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mrc-productivity.com\/blog\/wp-json\/wp\/v2\/categories?post=8187"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mrc-productivity.com\/blog\/wp-json\/wp\/v2\/tags?post=8187"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}