An employee’s desire to increase productivity is an asset. This post explores how to empower employees without increasing Shadow IT risk.
Shadow IT represents the unsanctioned download or use of systems, devices, software, or applications without IT approval or oversight. The biggest driver of Shadow IT is the desire by employees to increase their own work efficiency. Many times, employees are unaware that their actions put the organization at risk. With the majority of organizations now supporting a remote workforce under COVID-19, we will see a growth in Shadow IT. Unfortunately, many attempts to “clamp down” on Shadow IT create employee frustration. In this post, we will outline how to combat Shadow IT with a solution that empowers employees.
The Growing Problem of Shadow IT
Shadow IT has grown in recent years, in part due to the consumerization of IT. With consumer devices now the norm in most enterprise environments, for laptops, tablets and smartphones, many consumer purchasing habits have entered the workplace. Gartner estimates that 30-40% of IT spending in large enterprises is “Shadow IT.” A recent survey found that 63.5% of people admit to creating at least one account their IT department did not know about.
With many organizations shifting to remote work under COVID-19, the threat of Shadow IT has only increased. Many organizations will not have clear policies related to employee software purchases or remote work. Equally, many employees working from home may not consider contacting IT for the software they need.
On the one hand, it is great that employees are actively engaged in technology and are willing to spend their own money to be productive at work. On the other hand, this behaviour introduces significant risk when devices or software on the network remain unmanaged. Shadow IT introduces many challenges to organizations, including:
- Visibility gaps that introduce security risk such as data loss, compliance issues, or the risks associated with unpatched vulnerabilities that could provide a way “in” to the network. Unmanaged Shadow IT may be misconfigured, include malware, use unmanaged passwords, lack adequate updates, or lack the standards to maintain data compliance.
- Application bloat or “sprawl” that increases software costs and license inefficiency
- The use of software or services that may be less effective than other options from a productivity standpoint
- The introduction of software and applications that may be incompatible with existing hardware or software
How to Manage Shadow IT Without Frustrating Employees
Mitigating Shadow IT risks involves a combination of education and policy improvements with technology to either detect or restrict unapproved applications or cloud solutions. These Shadow IT tools are often punitive and restrictive, making it impossible for employees to get what they need to remain productive. Restricted from downloading a solution, employees have to come to IT for each and every request, a process laden with delays. Punitive Shadow IT tools only add to employee frustration.
Detection and education are indeed key to the management of Shadow IT, but only when employees have an alternative way to get the tools they need when they need them. Self-service IT can help provide employees with the apps they need, without compromising security, compliance, or admin privileges.
FileWave’s self-service kiosk allows IT to vet and properly configure applications that employees can install whenever they need it. Rather than restricted or frustrated, employees remain empowered to solve their own problems with a variety of solutions.
Employees can access applications from the kiosk without needing to go through IT, ensuring everyone remains productive. Best of all, installing or uninstalling pre-approved content doesn’t require end users to have admin rights, so passwords, and devices, remain secure.