Home →Security →Shadow IT's Growing Footprint

Shadow IT's Growing Footprint

By Tony Kontzer | Posted 01-16-2014

1 of

Shadow IT Is Rampant

81% of line-of-business workers and 83% of IT staff admit to using nonapproved SaaS apps.
Creatures of Habit

49% of business and 42% of IT workers use nonapproved SaaS apps because they're familiar with them.
IT Is Not Responsive

38% of business and 32% of IT workers use these apps because IT approval processes are too slow.
Seeking the Best

24% of both business and IT workers use nonapproved SaaS apps because they are better than the approved alternative.
Limited Options

18% of business and 14% of IT workers use these apps because the approved tools don't perform needed functions.
Aware of Risks

33% of IT and 30% of business workers express a "high level of concern" over potential SaaS risks such as loss of data and breaches.
Unclear Policies

Business workers are three times as likely as IT workers to think their company has no SaaS policies—or to not be aware of any.
IT Is a Bigger Offender

26% of IT departments use six or more nonapproved SaaS apps; just 7% of business units use that many.
Facebook Risks

Facebook is used without IT approval in 45% of enterprises, and 19% of them have been infected by malware.
Google Apps Risks

Google Apps is used without IT approval in 40% of enterprises, and 27% of them have leaked sensitive data.
Dropbox Risks

Dropbox is used without IT approval in 38% of enterprises, and 24% of them have experienced unauthorized access.
- Shadow IT's Growing Footprint
  
  View Slideshow »
View All Slideshows >

The "shadow IT" phenomenon may be a bigger issue than companies have realized. As software-as-a-service (SaaS) apps have risen in effectiveness, stature and influence, their use outside the purview of IT has spread like wildfire. Such are the findings of a study conducted for McAfee by Stratecast, a unit of Frost & Sullivan. In surveying 300 IT workers and 300 line-of-business workers at enterprises in the United States, United Kingdom, Australia and New Zealand, Stratecast found that more than 80 percent of both groups admit to using SaaS apps at work without IT's approval. Despite the fact that many respondents are aware that they're circumventing IT approval processes and introducing potential risks, they feel that the business value in rogue SaaS apps outweighs any potential concerns. The message for employers is clear: "Businesses need to protect themselves, while still enabling access to applications that help employees be more productive," said Pat Calhoun, McAfee's general manager of network security. Specifically, the study makes a few pointed recommendations: Don't block popular SaaS apps that help employees get their jobs done; give employees the freedom to choose from the broadest possible range of approved apps; and implement a security solution that allows access to SaaS apps while protecting against malware and data loss. Such steps figure to become even more important, as Frost & Sullivan predicts that the SaaS market in North America alone will reach $23.5 billion by 2017.

Tony has been writing about the intersection of technology and business for more than 20 years and currently freelances from the Grass Valley, Calif., home where he and his wife are raising their two boys. A 1988 graduate of the University of Missouri-Columbia School of Journalism and regular contributor to Baseline since 2007, Tony's somewhat infrequent Twitter posts can be found at http://twitter.com/tkontzer.