Can you see your enterprise shadow IT?

shadow-it-300x171Can you? It’s there…hidden on your employees’ devices and on your network. We all know people try to use the path of least resistance in getting something done. Today, cloud computing allows us all to do almost anything from anywhere with relatively no resistance at all. Within corporations though, this can become a problem commonly known as shadow IT. “There are an astonishing 10,000 cloud services available on the market today, which creates a growing problem for IT around Shadow IT as only 9.3 percent of those apps meet enterprise data, security and legal requirements, cloud security company Skyhigh Networks found in its Q1 2015 Cloud Adoption and Risk Report.” Corporations need to control their proprietary information, network, and Web security. While employees may be thinking they can get their job done faster, the corporation is thinking about threats. “The result is technologies that empower individuals and teams limit the organisation as a whole.”

There are several views for this, all valuable. From the employees’ view, they believe they are finding ways to be more productive and efficient by using technology that is easily accessible and likely, not costing the corporation anything additional. It is quick and easy and can get the job done before the IT department would even have a chance to look at a request form. So, why would the corporation be upset? Here’s why–unauthorized applications, or shadow IT, can cause serious risks, such as Malware, data loss, and other severe network security concerns. As the responsible party, IT needs to know what is happening, especially when it comes to the random unauthorized applications users are bringing into the network.

What can be done? Which view holds more importance? That depends on your organization but gathering the information to make that decision can be quick and easy. You need total visibility into Web use so you can find and analyze any potential shadow IT. Proactive, comprehensive reporting of all Web-use activity allows a full view of users’ activities. IT and management need to see detailed drill-down activity per user, per group, or per category, and determine if the “shadow” application is to be quarantined, or discover the application is actually useful to the organization as a whole and add to the acceptable applications list.

It is important to take into consideration the employees’ need to have access to useful and contemporary tools. No post, article, or news story can tell you what to do within your organization. Only you know what will best suit your environment. Try collaboration though, between users, management, and IT. The key is to find the most useful applications and move toward applications that work, with the best interest of the overall corporation at heart.

Wavecrest Computing has been the recognized leader in Web Security for over 19 years with CyBlock and Cyfin Solutions. These scalable filtering and forensic reporting analysis products are designed to enable organizations to successfully address Internet abuse, legal liability, shadow IT, workforce productivity, and Web security threats.