Whether you realize it or not, many companies contain workstations with software that is not approved by the information technology (IT) department; instead, it has been adopted and installed by individuals or even, in some cases, entire departments. We call this use of unapproved applications or third party cloud services ‘Shadow IT’ due to its clandestine or covert status.
More often than not, these activities are not malicious in nature: they are merely a means of maintaining productivity when IT response times to support requests are sadly lacking. One key – and often overlooked – aspect of shadow IT is found in development environments where some users/developers are using public clouds to do development work, or running their own open source software in a virtual machine (VM) on someone else’s cloud.
The dark side of shadow IT
Users and developers often don’t realize the ramifications of using shadow IT. For instance, they don’t consider the fact that shadow IT: