Getty Images/iStockphoto
What are the pros and cons of shadow IT?
As employees continue working remotely, the prevalence of shadow IT grows. This inevitability is forcing IT leaders to weigh the pros and cons of unsanctioned technology use.
Workers want a way to do their jobs efficiently. Many turn to their own applications to do so.
Employees commonly turn to unsanctioned email accounts, messenger platforms, video conferencing products, collaboration tools and file-sharing services, among other applications.
The significant amount of shadow IT that employees use within the enterprise has been a longtime challenge for many CIOs. And use is on the rise as employees expect consumer experiences in the workplace. That's especially true for the new generation of digital natives. Yet, IT leaders can use shadow IT activities to recognize its value as feedback and proceed accordingly, while also taking the necessary risk mitigation steps.
"The people coming out of school today are so digitally savvy, and trying to tell them that IT can't solve their problems will be a foreign concept," said Mike Anderson, CIO and chief digital officer at security tech company Netskope.
That might not be bad news, however.
Too many organizations see only the negatives that come with shadow IT, Anderson said. Unauthorized technology can create headaches for CIOs when not managed with some guardrails. However, shadow IT brings benefits, too.
Some experts think CIOs could even consider allotting budget for shadow IT.
He's not alone in these assessments; other enterprise technology experts likewise see both pros and cons of using shadow IT.
10 pros of shadow IT
1. Shifts lower-level tasks out of IT
Business-side workers often deploy shadow IT to help them do their jobs more efficiently. So seeking out the apps that work for them in such cases can free up IT resources for addressing the larger challenges that will really let IT deliver big business value, Anderson said.
2. Speeds up innovation
IT departments have a number of policies and processes that guide new technology development and deployment. Such guardrails help safeguard the organization, but they often slow innovation and transformation. Shadow IT circumvents all that.
"It solves an immediate problem, and it creates speed," said Chris Kapusta, principal architect at Insight Enterprises, an IT service provider.
3. Highlights issues within the organization
Shadow IT indicates where workers experience challenges and pain points in their day-to-day jobs, giving both the IT department and enterprise executives clear indications on areas that need attention.
"It shines a light within the business, and it shows where IT isn't delivering," Kapusta said.
IT should view such indicators as an opportunity to bridge the internal silos, he said.
4. Highlights the most innovative business-side workers
The creativity and drive behind shadow IT efforts is worth noting.
"Shadow IT actually identifies the most commitment, the most invested people," said Richard Marshall, an analyst with the Analyst Syndicate and principal of Concept Gap. "If you want to find people who are the best internal disruptors, look for people who are shadow IT users."
These are the employees working to solve problems, Marshall said. They're also likely to have the best understanding of how to find the most effective way of doing their jobs.
5. Improves business operations
Workers tend to use their own technology so they can do their jobs more efficiently and effectively. Or they're looking for ways to enhance teamwork, collaboration and communication.
If their technology selections help them on any of those points, that can mean overall productivity boosts for the company, Marshall said.
6. Identifies user requirements
Shadow IT can highlight what users are looking for, thereby providing an efficient way to gather user requirements. That's particularly helpful for IT when the department decides to officially fold the unsanctioned technology into the enterprise environment and scale it for broader use, Marshall said.
"It's a big accelerant toward the delivery of more official solutions," he said.
7. Solves challenges related to user adoption and change management
Shadow IT can eliminate the challenge of getting workers to adopt new software, as they themselves have already committed to selecting, testing, learning and mastering the new application.
Those workers who seek out their own technology for on-the-job challenges tend to persuade their colleagues to use those products, too, Anderson said.
"Sometimes it's even cheaper to use the tool they found than pay for all the change management associated with another enterprise solution," he said.
8. More quickly delivers software that better fits business needs
Shadow IT eliminates the need for IT to understand what their business-side colleagues are trying to do and exactly what they want from a new software program. Instead, it puts problem-solving in the hands of those who know the problem best.
"The business knows its needs best," said analyst John Annand, who serves as a director with the infrastructure team at Info-Tech Research Group. "The business is the expert user after all, and they know the business logic and the requirements."
Shadow IT helps the business get exactly what it wants, Annand said.
9. Creates a more open-minded approach to software selection
Business-side workers don't usually have favorite programming languages or vendors, so they're generally more open-minded when they look for technologies that can help them search broadly for the best application to meet their needs, Annand said.
"Business is open to all possibilities," he said. "They don't come with the biases that IT might have based on preferences or what other departments are already using for solutions."
10. Highlights opportunity for process improvements within IT
Shadow IT can show organizations where and how to improve processes.
"Users will be more apt to [bypass] IT if they see IT or information security as the department of 'no' versus one that is solution-oriented or if the procurement process is painfully slow or complex," said Josh Hamit, vice president and CIO at Altra Federal Credit Union and member of ISACA's Emerging Trends Working Group.
"If shadow IT is a problem, it's a good opportunity to take a step back and evaluate whether the technology procurement or vendor management process can be improved," Hamit said. "The more you can simplify and streamline the process, the more likely that users will be inclined to use it."
5 cons of shadow IT
1. Rings up extra costs
Paying for both unsanctioned tech and an equivalent enterprise software program means the organization is footing the bill for duplicate products.
An organization could be paying premium rates for the unsanctioned technology rather than getting a better rate negotiated by its procurement team, Hamit said.
"By circumventing the standard procurement process, the organization starts to double-dip on technology it already has in place, which increases the total spend," he said.
2. Increases cybersecurity and compliance risks
As workers develop and deploy technology without any reviews or security assessments, they often increase the organization's exposure to various risks.
Employees could be adding technology that's more vulnerable to cyber attacks, and they could be onboarding technology that uses or stores sensitive data in ways that expose it to theft or run afoul of regulatory requirements, Kapusta said.
"They leave the business, its intellectual property and its data open to attacks," he said. "And you can lose insight into what data's out there [at a time] when it's important to know where all your data is."
3. Introduces performance and user experience problems
Shadow IT can cause application performance issues or user experience problems because it typically doesn't undergo the rigorous review that IT applies when deploying new technology to ensure it will operate smoothly within the organization's existing environment.
That's particularly true as more and more workers use the unsanctioned technology, Kapusta said.
"There's a good chance of introducing glitches," he said.
4. Runs afoul of vendors and their licensing requirements
Business-side workers who decide to deploy technology without IT's input may unwittingly expose their organizations to problems with vendors.
That's particularly true as more and more workers start to use the unauthorized applications without securing needed licenses or agreements with the vendors, Marshall said. That could bring big fees for unauthorized and unlicensed use of the software.
5. Creates missed opportunities
Turning to shadow IT means the technology team wasn't able to create software that might give the company a unique competitive edge.
"Going around IT might result in missed opportunities to properly evaluate build vs. buy," Hamit said. "For example, if the IT department has a capable team, it may be feasible for in-house developers to create an application rather than purchasing one off the shelf or subscribing to a service."
That potential in-house software has the potential to truly customize to deliver on business goals and provide a better experience in the long run, he said.
