The dangers of shadow IT

According to McAfee, the explosion of cloud-based software-as-a-service (SaaS) has significantly contributed to the growth of what has become known as ‘shadow IT’ in the workplace.

Shadow IT describes the practice of non-IT workers and departments either building or installing their preferred applications and programmes onto corporate devices and systems – without the permission or the awareness of the IT department.

Cloud computing, SaaS and the bring-your-own-device (BYOD) phenomenon, which sees workers using personal devices such as smartphones and tablets to carry out work-related activities, have all fuelled this trend in recent years.

This shift has not only raised security concerns in terms of workers taking confidential material out of the workplace, but also because of the possibility of introducing viruses and similar threats through unsecured devices.

Problems caused by shadow IT

Shadow IT causes many concerns for both the IT department and the business as a whole, especially when it comes to the security of company data.

The most common technologies being implemented through shadow IT tend to be consumer-grade technologies and popular consumer apps such as Facebook and Google Apps, partly because of the ease of implementation, but also because they are very popular with employees.

However, applications like these bring with them very loose security measures which can jeopardise a company’s overall data security programme.

In addition, by allowing employees to choose their own technology to use in the workplace, a company risks creating siloes between different departments, since different collaboration systems are often incompatible and thus unable to communicate with one another.  

>See also: CIOs left in the dark about technology spending outside of IT

How can shadow IT in the workplace be prevented?

In order to prevent shadow IT from becoming a problem, or even occurring full stop, businesses need to consider ways to make corporate IT systems not only flexible and easy for staff to use, but also visually appealing and fun in a number of areas.


Amazingly, many large enterprises are still using siloed legacy systems that hamper communication across the business and restrict employees in what they can do with the technology available to them.

Instead, all businesses should be paying close attention to social functionality when reviewing their IT systems. Innovation in this area can be used to create user interfaces that are similar to employees’ favourite consumer websites, and can often lead to new ways of communicating across the business.

Breaking down barriers between different areas of a business in this way can have a positive impact on performance, not only for individual employees but also for the business as a whole.


Whilst many businesses now have mobile friendly consumer facing websites, internal communications often lack this same mobile capability.

Forward-thinking business that make investments in improving the internal mobile experience and invest in business-to-employee tools can make aspects of their employees’ jobs much easier, faster and more enjoyable.

In turn, employees will not need to resort to using their own devices or their preferred programs and applications.

>See also: CIOs more integral to boardroom strategy than ever, say UK business leaders


Another way to engage employees and increase their satisfaction with corporate technology is to ‘gamify’ certain elements of applications and programmes.

Gamification can be integrated with a company’s social and mobile strategies to encourage participation from all areas of the business and can help support key business objectives and metrics.

When used correctly, gamification can animate even the most tedious of tasks and can therefore be extremely effective in motivating employees.

A lot can be learnt here from consumer websites and applications, and elements from both of these can certainly be adapted for corporate use. With attractive, engaging and easy-to-use technology options, there will be less likelihood of employees using shadow IT in the workplace.

Silver lining of shadow IT

Whilst there are a lot of operational issues brought about by the shadow IT trend, it must also be noted that there can be some benefits as well. The instant reaction to employees using unsecured or unapproved software or applications may simply be to ban them, yet businesses should first take a step back to look at employee engagement with the technology tools that they are choosing to use.

It may be that employees are using them due to the social, mobile or gamified elements they provide. As such, businesses should analyse all of these tools, programmes and applications and then determine whether they can be safely adapted for use in the corporate space.

In addition, shadow IT may open a business’s eyes to new innovations that could benefit the entire company, as well as fresh ways of thinking about corporate technology.

Ultimately, employees will do as they wish to some extent, but those businesses that show willingness to compromise and listen to their employees’ wishes will fare best in the long run.

>See also: Digital leadership: Do CIOs have it in them?

Shadow IT in the workplace

Thanks to BYOD and the increased flexibility provided by the cloud, it is now easier than ever for employees to install and run their chosen applications on both their personal and corporate devices.

However, we are now seeing shadow IT being taken one step further, with some employees now creating their own systems on corporate servers, and often bypassing the IT department altogether in order to use their preferred applications and programmes on their work computers.

This can be in the form of simply downloading instant messaging apps – such as BBM or Whatsapp – onto corporate mobile phones and tablets, or can go as far as employees setting up their own internal collaboration systems to store documents and communicate with each other.

Problems like these are not limited to any particular type of company; shadow IT is most likely occurring in some form or other at most corporate organisations these days.

In fact, according to research from McAfee, 80% of employees admit to using SaaS in their jobs without approval from the IT department.

This statistic should not only cause some serious concerns amongst today’s businesses, but also shows why shadow IT needs to be high on many businesses’ agendas.

Richard Acreman is the CEO of WM360.

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics