What is ‘Shadow IT?’
In the Software Asset Management world, Shadow IT is known for the use of software without IT department approval. Shadow IT also involves the use of information technology systems, devices, applications, and services, all of which are used without being tracked or monitored by the IT department.
Shadow IT has grown in usage since the push to work from home in March 2020 and we have seen the consequences of its usage. Though Shadow IT is often used for the improvement of employee productivity and can drive business innovation, Shadow IT introduces risks to security (data leaks, compliance, privacy) and increases IT spend, risking your IT budget in the process.
Shadow IT Examples:
Applications: Dropbox, Google Docs, Slack, Zoom, Microsoft Office 365
Hardware: Personal computers/ laptops, tablets, and smartphones
On-Premises Shadow IT & Cloud Shadow IT:
Shadow IT exists on-premise and on the Cloud. However, the tracking of usage and having proper management strategies is different for each.
When dealing with on-premises software (software installed directly on the device), you are required to manage software applications on your own, which means ensuring you perform the updates, track your usage, and ensure you are not in violation of your licensing agreements. Overall, this means you need to ensure compliance.
When using on-premises, you must manage:
That’s a lot of responsibility to fall onto your business, IT Department, and each employee, that often involves manual effort.
When dealing with Cloud software (available through the cloud & web url), SaaS is probably the area you are most familiar with, as it is the most popular form of cloud computing. Arguably, SaaS is the easiest form of cloud computing too. You do not need to install SaaS onto your device, rather your applications can be accessed via cloud. An example of SaaS is Microsoft Office 365, where you can share files via Microsoft Teams and edit in real-time using the cloud.
Other key characteristics of SaaS include:
- Offering security, compliance, and maintenance as part of the cost
- Most modern SaaS platforms are built on IaaS or PaaS platforms
Even though security features are included with Cloud, there are still risks with compliance, as many IT departments do not have a full inventory of what applications are being used by who.
From our research, the two big dangers of shadow IT are compliance and security.
Understanding Software Compliance
Software compliance helps ensure you are remaining compliant with your license usage. A big question to consider when trying to implement compliance management is: What am I legally entitled to use? If you have a solid answer to this question, then it is important to track your licenses to not go over any limits set.
An example of compliance:
Microsoft 365 licenses only allow for 5 installs on up to 5 different devices. If you are over-installed then you are no longer compliant.
Understanding Software Security
This is where the difference between on-premises software and the Cloud is noticeable. With the cloud, automatic updates are the norm. However, with on-premises, updates must be done manually to ensure the most up-to-date application changes are being used. However, the danger of Cloud shadow IT is that employees are putting company data at risk when using software that was not pre-approved by the IT Department.
An example of Cloud Shadow IT Security:
Your business pays for Microsoft 365 licenses for your employees, all licenses include Microsoft Teams subscriptions. However, your employees are using alternative video meeting platforms and not utilizing their Teams subscriptions.
How to Manage your Shadow IT – Improve your Budget & Remain Compliant
To improve where you stand with shadow IT, it is vital to take inventory of what software is being used. Here is how we suggest gaining a complete look on your software inventory:
- A wide range discovery methods. If you can find what is installed or being used, you have the power to control your usage and spending. Finding the technology is possible with a variety of agentless means.
- Agentless inventories. Using agents for inventory is a thing of the past. Your data will never be 100% if you rely on agents. Instead move over to agentless technology, which can create detailed inventories of everything (even if the devices do not have an agent installed).
- Remote locations. Just because they are small satellite offices doesn’t mean you can ignore them. Remote scanning technologies can now provide accurate inventories from the smallest sites.
- Security clearance. Ensure you have the credentials for access. New technologies reduce the need for high level security clearance.
With our advice, you will get to 100% inventory by tackling the issues one by one, gradually achieving your goal. Tried and tested methods exist, you just need to know how to use them.
TBSC offers comprehensive hardware and software scans through zero-touch agentless technology. Our smart scans make sure you are utilizing your current SaaS whilst offering automatic savings recommendations and optimization opportunities.
Get your FREE Health-Check and Report. Find out where you stand with Shadow IT
Register now and for 30 days you will have access to Smarter SaaS for 365, a top cloud software management tool that promotes optimization and cost savings on Microsoft 365 licenses and usage.
See for yourself how we have helped many businesses with their software asset management!
o Fully automatic reporting and analysis
o Viewing individual software usage to date
o Cost savings opportunities
o Optimization opportunities
o Training opportunities
o Reharvesting options
o Compliance reassurance
o Free TBSC advice and analysis