Is your organization aware of every app, website and tool your employees leverage to get their jobs done? Most IT teams would like to think so.
In fact, companies invest in a wide variety of productivity, communications, storage and collaboration tools for their workforces to ensure employees can get things done efficiently and effectively. What more could workers possibly need?
It might surprise you to learn that, according to a recent survey, 62% of remote workers confess to using rogue applications for work that their IT department does not know about.
Why does Shadow IT happen?
So why are only 38% of workers sticking to their employer’s list of sanctioned IT software? Digging into the events of 2020, one can make some assumptions. Due to stay at home orders and team members conducting more work outside of the office, IT has lost a certain amount of visibility and control.
Employees themselves may also be feeling a sense of freedom. They no longer have to worry about using an office network or being caught in the act leveraging an outside resource. The result is a mix of different applications and services being used by employees to help fill the gaps they need. Without knowledge of this activity, businesses are put at increased risk of data leaks, and potential security breaches.
Where is it happening?
What online tools and services are so important to employees that they’re willing to breach their corporate policy to use them?
The answers are more obvious than you might have thought…
The top 5 culprits
1. Productivity tools
The number one category of software remote workers leverage (in an unsanctioned manner) is productivity tools. This is a different view to the sinister one that comes to mind when most think of ‘shadow IT’.
Workers are clearly not attempting to sabotage their businesses here by accessing rogue sites. They are simply using tools that help them to be more productive while working from home.
Looking at some of the most relevant tools in this category, I’m sure you can empathise. Google Docs, while not being sanctioned by most IT teams, allows for workers to share and collaborate on files quickly and easily.
That being said, IT teams need to know what tools workers are using in order to lock them down effectively. The wrong file shared over an online PDF converter can mean an unintentional data leak, and huge repercussions including financial and reputation loss for the affected business.
Communications software comes in as a close second for shadow IT and includes tools like Zoom, Slack and WhatsApp. Again, it’s no surprise that team members are engaging and communicating with one another. What may be more shocking to organizations is that workers are seemingly unsatisfied with the communications tools that IT has put in place for them.
Understanding what communications tools your workers are using (outside of sanctioned ones) is half the battle. If your IT team can understand the issue, it makes solving the problem simple. Maybe it’s an investment in Slack for your workforce or a training session on how the current communications software you’ve implemented has many of the same features.
Regardless, it’s important to ensure the communications tools your workers are using are consistent and secure. Messages regarding sensitive corporate information, sent on unsanctioned messaging platforms (although they may be secure in themselves) can easily fall into the wrong hands.
Coming in third, well below productivity and communications software is storage tools. This includes applications like Dropbox, Box and WeTransfer. These names are exceptionally well known and well-used across many businesses, regardless of if they’re sanctioned or not.
The good news is it seems companies have taken a step towards combatting this unsanctioned use by giving workers access to storage in ways that work. Dropbox for example now has a business-targeting offering that satisfies a more robust security standard.
That being said, if businesses aren’t investing in storage capabilities, this may be something important they should consider. Large files being uploaded to insecure storage sites is a simple way of leaking data that most employees take advantage of frequently, when left without an alternative.
Collaboration tools come in last place as a Shadow IT software category. It’s easy to see this as a positive. While some folks are using tools like Asana, Trello and Coda without IT knowledge, it seems like the majority have their collaboration tools needs met.
That being said, this data is still very interesting. Imagine a discovering that a team within your organization is using Asana without IT knowing about it. Again, this is a situation that can be easily resolved and likely came to be due to workers’ needs going unmet. If Asana is being used, it usually means a team is attempting to organize themselves and collaborate more effectively. If IT can uncover and recognize this need, they should be able to help the situation by either investing in Asana licences and training staff or satisfying these functional needs in another way.
This category incites nerves right off the bat (especially for IT teams), because there is really no way of knowing what tools fall into ‘other’. What can be said however, is that remote workers are selecting this as their answer because they are using certain tools without IT knowledge.
What does it all mean?
Clearly, this analysis has uncovered what many would call a problem. With 1 in 4 survey respondents revealing to NetMotion that they use a significant number of tools outside the official IT policy, something needs to be done.
But is Shadow IT really all bad? In some ways, yes, a lack of visibility for IT is generally never a good thing. But in other ways, what this article has demonstrated is that while yes, workers are accessing unsanctioned tools, they are doing so in the interest of getting work done.
And what can you do now?
How does your company combat this? Every organization is different. Your team may have a mixed bag of Shadow IT, or a large number of instances falling into one very specific category. The bottom line is your team needs visibility outside the four walls of the office. IT needs to be able to decipher what tools workers are accessing, on any network.
And with that visibility, IT needs to engage with workers and find effective solutions rather than completely shutting down productive ways of working. Shadow IT can be managed to become something positive, rather than the more archaic model of restricting workers, their methods, and their devices.
To learn more about the visibility and control the NetMotion platform provides, contact us today.