Actions

Shadow IT

Revision as of 04:45, 7 January 2019 by User (talk | contribs) (Shadow IT is a term often used to describe information-technology systems and solutions built and used inside organizations without explicit organizational approval.)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Shadow IT is a term often used to describe information-technology systems and solutions built and used inside organizations without explicit organizational approval. It is also used, along with the term "Stealth IT", to describe solutions specified and deployed by departments other than the IT department. Shadow IT is considered by many an important source for innovation and such systems may turn out to be prototypes for future approved IT solutions. On the other hand, shadow IT solutions are not often in line with the organization's requirements for control, documentation, security, reliability, etc., although these issues can apply equally to authorized IT solutions.[1]

The consequence of stealth IT is that it opens up both security and legal risks for the company. Unfortunately, IT doesn’t discover many of the stealth IT incidences until they have caused significant damage. By then it is a much bigger problem to fix. The IT department loses control on activities and services in the organization and often Sys Admins find themselves solving issues that they originally had nothing to do with.

Here are some common stealth or shadow IT technologies that may already exist in your company.

1 Online/Cloud Storage: With the numerous online or cloud-based storage services like Dropbox, SkyDrive, and Google Drive, users have quick and easy methods to store files online. They can sync them between computers, access data from anywhere, and even easily install and use on personal devices.

2 Free File Transfer: Company email accounts generally have limits on file attachment sizes. Users frequently need to exceed these limits, and end up finding a work-around by using external file transfer sites that offer a free service. Online services like YouSendIt or DropBox let you upload large files to their servers; you can then send a link to anyone you want so it can be downloaded.

3 Personal Email Accounts: Companies require their employees to conduct business using the corporate email system. However, users frequently use their personal email—Hotmail or Gmail accounts either because they want to attach large files, connect using their personal devices, or because they think the company email is too slow.

4 Cloud-based IP Telephony services: Employees often use cloud-based IP Telephony services like Skype or Google Voice to communicate with others both inside and outside the organization. The problem here is that the company stands to lose data or valuable customer information once the employee leaves the organization.

5 Website Hosting: When an employee goes completely outside IT to put up a project or department Website with a 3rd-party hosting provider, there comes a point where that employee leaves the organization. As a result, there is nobody to maintain the site, the subscription expires and the site goes down.

6 Infrastructure/Hardware Purchase: Companies employ hardware standards to help make support manageable throughout the organization. But problems can occur is an executive makes his own hardware purchase and expects IT to support it. For example, application development departments use Amazon Web Services (AWS) to have their production environments ready to go in less time than their own IT processes.[2]


References

  1. Defining Shadow IT Wikipedia
  2. Stealth IT - The Flip Side of BYOD Dameware
Retrieved from "https://cio-wiki.org//index.php?title=Shadow_IT&oldid=3616"