Main Menu
Home / Project Management / Risk Management / Shining a Light on Shadow IT

Shining a Light on Shadow IT

You need something from the basement, but it’s as dark as pitch down there. You flick on a light to see something scurry into a corner, into the shadows. Do you dash back upstairs and conveniently forget about what you saw, or do you bravely reach for the flashlight and pursue the enigma further? That’s the kind of dilemma IT faces all the time. In an article for Fierce CIO, Torsten George explores the notion of shadow IT: the unsanctioned use of apps and technologies by business users and departments alike.

Why Pursue Shadow IT?

IT has standards for a reason. COBIT, Basel II, HIPAA, FISMA, PCI DSS: they’re all designed to prevent the kind of havoc that shadow IT inevitably produces. You know, like security gaps, misaligned systems, inconsistent service level agreements, and lack of visibility over security and controls. In a word, shadow IT is risky.

Identify and Neutralize

What kind of shadowy creatures are slinking around the corners of your organization? Perhaps you’ve got a SaaS infestation, a swarm of cloud use, or an invasion of unregistered apps. Before these pests eat away at the foundation of your institution by causing power outages, data loss, or unauthorized disclosure, take action to secure the premises with these easy tips:

  • Tip 1: Build a better IT environment–one that can withstand the intrusion of cloud-based applications by securely monitoring and handling those applications.
  • Tip 2: Develop a standard policy for handling cloud applications in every instance, allowing employees the benefit of understanding what does and doesn’t count as shadow IT.
  • Tip 3: Allow non-approved and cloud-based applications to flourish by channeling them through the proper security encryption.

As George notes, cloud providers should themselves be held accountable for the kind of security risks posed by shadow IT. Organizational trust is something that doesn’t run from the light.

Read the full article at:

About Eric Anderson

Eric Anderson is a staff writer for CAI's Accelerating IT Success. He is an intern at Computer Aid Inc., pursuing his master's degree in communications at Penn State University.

Check Also

How to Plan Your Risk Management from End to End

Project risk management continues to hold the championship belt for the most important-yet-ignored aspect of …

Leave a Reply

Your email address will not be published. Required fields are marked *

Sorry, but this content
is for our subscribers only!

But subscribing to ACCELERATING IT SUCCESS is FREE and only one click away!
Join more than 40,000 IT Professionals and get the best IT management articles to your mailbox with Accelerating IT Success!

Unsubscribe at any time