“…A whopping 81 percent of employees admitted to using unauthorized SaaS applications.”
For many organizations, the cloud security risks of shadow IT are becoming well known. Putting sensitive or unprotected corporate data in cloud applications that haven’t been appropriately evaluated and secured by the IT department can lead to data breaches and their serious consequences. But are there any upsides to shadow IT?
In fact, there is one major upside to shadow IT, and that’s its ability to point the way towards the real needs of an organization’s employees and lines of business. A recent Shadow IT survey conducted by GigaOm Research for CipherCloud illustrates why.
One of the key takeaways of the survey is the continued growth of the cloud market. IT spending on both Software as a Service (SaaS) and Infrastructure as a Service (IaaS) is set to increase in the coming years, and the growth of IaaS in particular shows the increasing acceptance of the cloud by enterprise IT departments.
In looking at IT spending on the cloud, the question at your organization should be: Are we focusing our cloud spending in the right areas or on the right applications? And this is where shadow IT comes in.
Once you’ve taken steps to discover just what shadow IT applications your employees and lines of business have adopted, you’ll have a clear idea of what kinds of cloud applications your IT department needs to secure and enable. This is because shadow IT usage patterns shed light on your organization’s urgent and unaddressed IT needs.
Among the most commonly requested cloud applications in the enterprise are those that enable anytime, anywhere collaboration and productivity. File sync and share services are always in demand, as are messaging tools, cloud-based email, and CRM and sales automation applications. It’s easy to see why. Employees with projects to complete may not want to be (and may not be able to be) tethered to the corporate network or VPN at all times, and a lack of cloud-based solutions in place when they need them becomes a significant limitation. Identifying needs like these within your organization and taking steps to address them in a way that minimizes compliance and cloud security risks will go a long way towards reducing end users’ temptation to adopt shadow IT.
And if you’re thinking that that’s all well and good at organizations where shadow IT is really a problem, but your organization isn’t one of those, think again. The GigaOm survey reveals a shocking statistic: A whopping 81 percent of line-of-business employees surveyed admitted to using unauthorized SaaS applications. That’s a very large number, leading to a very large chance of data security risks and compliance violations.
When it comes to shadow IT, the problem can itself become a tool to find better solutions. What will you do? Will you shut down employee cloud usage, limiting their productivity and plunging your organization into the past? Or will you listen to your employees’ needs—as expressed in their use of shadow IT—and enable them to do what they need to, when they need to, in a way that protects corporate data and preserves regulatory compliance?
For more information about why you need cloud information protection, download our report or watch the 5-minute talk from CipherCloud’s co-founder Marc Andreessen.