Technology Blog »

Shadow IT: How You Could Be Losing Control of Your Business


In today’s immediate gratification generation, employees in small to medium-sized businesses are often looking for the easiest, most convenient, and quickest access to data and other IT services. Often times, these employees have very little tolerance for what they perceive as an obstacle to completing their task. There is a sense of entitlement to all things “cloud”. File-sharing applications, cloud storage and collaboration tools are all at user's fingertips and in most cases are free for personal use, but often businesses are required to purchase the “Pro” or paid versions in order to have access to the software’s full capabilities and securities. This is often overlooked by the eager worker, who may opt for the free version, looking to get their tasks accomplished instantaneously, without regard for company safety.

While applications such as Dropbox, Hightail, or Google Drive can be seemingly convenient and productive tools, they aren’t always the safest approach in a business environment, especially if not configured by your IT department or your Managed Service Provider (MSP). Businesses may store client records or sensitive accounting information, personal data such as credit cards, or even their own employees’ personal information. The use of these applications within the workplace has grown exponentially over the past number of years and, unfortunately, has put businesses and their IT at risk; specifically when used without the consent of the company’s IT professionals. In the tech world, this is commonly referred to as Shadow IT, and unfortunately it is a very serious and prevalent threat to businesses of all shapes and sizes.

Shadow IT describes the sharing and/or publishing of data through un-secure platforms without the knowledge of the company’s IT department.

On the surface, Shadow IT might not sound threatening. However, the reality is that security risks are introduced when employees use platforms that are not given the same standards and protocols that are supplied to company supported technologies.

By not including your internal IT department or MSP in the implementation of new technologies, the entire business is ultimately put at risk. Without doubt, your IT department or MSP has a set of standards and practices which need to be adhered to in order to maintain a secure network. When impatient or over-eager employees take it upon themselves to make decisions without including the IT department, regardless if they are managers, supervisors or hourly employees, their negligence could be opening their company to system failures, data breaches, and a whole slew of terrible repercussions. This harmless attempt to speed things along has now created a domino effect, causing a full blown IT and PR nightmare.

Get a Technology Threat Assessment

Whether you are running a company that employees 5 or 500, Shadow IT is a threat that you need to take very seriously. Depending on your business, eliminating these cloud-based file sharing applications may be unrealistic. Therefore, having an MSP or internal IT team vet these cloud-based solutions is a way to ensure full transparency and protection for your business and it’s network. When running a business, storing confidential information is unavoidable- whether it’s employee HR files or customer payment information - it’s important to keep it safe and secure. This ensures a good reputation with your customers and/or clients, avoids PR nightmares, lawsuits and unnecessary setbacks for your business.