Data Protection and Cloud Security in a Shadow IT World: New GigaOm Research Report

Cloud Security, Shadow IT

Written by Michael Higashi

As you may have noticed, we’ve been talking about shadow IT a lot in this space. It’s for good reason: Of all the security threats facing the enterprise today, shadow IT is becoming one of the biggest ones, yet its problems some of the most preventable. It’s amazing how easily employees and lines of business can adopt SaaS applications without IT’s authorization—and it’s preventable thanks to tools that allow organizations to discover shadow IT and discover the lessons that shadow IT adoption can teach.

What are some of the key facts to know about shadow IT and its threats to data protection and cloud security? According to a recent GigaOm Research report commissioned by CipherCloud, some of them are:

  • Shadow IT is pretty much everywhere. Unsure whether shadow IT is as much of a problem as it seems? Just consider this fact: 81 percent of the line-of-business employees surveyed admitted to using SaaS applications without IT’s approval. In fact, 38 percent of employees deliberately went around IT in adopting applications because of the IT approval process in their companies is reportedly to slow.
  • Shadow IT is well-intentioned.Employees aren’t requesting cloud services (and adopting them behind IT’s backs) just for fun. Rather, they’re doing it to make their work lives easier and to be more connected and more productive. This can be seen in the top cloud services business users request: web presence, communications, and disaster recovery.
  • Shadow IT undermines cloud security and data protection strategies. When it comes to the worries that can make enterprises hesitant about adopting the cloud, security in public and private clouds tops the list, with a whopping 62 percent of respondents indicating that it is a concern. Shadow IT makes things worse. Impatient with enterprise reluctance to adopt cloud computing, employees adopt it on their own, incurring exactly the cloud security risks that the organizations hope to avoid.

Understanding facts like these can help make the task of detecting and controlling shadow IT less daunting. Yes, shadow IT is very common at organizations, and it can be a serious problem, but it can be made much less so simply by understanding the needs that employees are attempting to address when they adopt cloud applications on their own. Tools like CipherCloud’s Cloud Discovery solution will identify and provide risk scores for all cloud applications in use on an enterprise network, easing the way towards better control.

Ready to learn more about shadow IT and its impact on cloud security and data protection? Download the GigaOm report here. Then come tell us what you think about the results in the comments.