A More Benign Approach to Shadow IT

Shadow IT is one of the (many) things that keep system admins awake at night.

Right now, someone in every organization with more than a handful of workers is using an app they got from the internet that the IT department knows nothing about.

Unapproved technical tools – apps, cloud services like Dropbox or Google Drive, and personal devices – present potential and very real security concerns. They also come with not insignificant costs when multiple business groups buy duplicate solutions. By some estimates, 40% of spending on software and tech services occurs outside the IT department.

So common is it for a computer user to use a cloud service or download an app or tool to help them do their job that Microsoft says the average number of apps being used in an organization is around 1,000.

“80% of employees use non-sanctioned apps that no one has reviewed, and may not be compliant with your security and compliance policies,” Microsoft says, introducing a tutorial for using one of its products “to discover which apps are being used, explore the risk of these apps, configure policies to identify new risky apps that are being used, and to unsanction these apps.”

Hunting down and shutting off these apps and unapproved services does help with the security risk. But relying entirely on that approach is a never-ending policing effort that only contributes to the “Department of No” perception of IT.

A recent CompTIA article on the subject says imposing ever greater restrictions may even be counterproductive. “Enhanced rules may cause workers to venture outside of approved IT more, rather than less — especially if they feel their pain points are being ignored.”

The article suggests a more benign approach that actually allows some types of shadow IT uses while also educating workers about the risks and providing them with the functionality they want.

The latter is the approach the US Department of Veteran’s Affairs is taking.

“You have to give your customers options. If they don’t feel like they’re getting serviced properly from the central IT function, they’ll go find their own way, because they’ve got a mission to execute,” Dominic Cussatt, the agency’s principal deputy chief information officer, says.

He explained that the VA is developing portfolios of services from which customers can shop.

Reporting on Cusatt’s comments at a conference, FedScoop reported, “The idea is that these portfolios are ready to deploy, checked out from a security standpoint and with buys already in place.

“Said Cusatt, ’That ease of access helps them and helps them avoid seeking other options.’”

Photo by Christina @ wocintechchat.com

Best Practices for Performance Reviews
General Interest

Best Practices for Performance Reviews

Cultural Sensitivity in the Workplace
General Interest

Cultural Sensitivity in the Workplace

#WeAreGreenKey: Spotlight on Tim Coonan
Architecture + Engineering General Interest

#WeAreGreenKey: Spotlight on Tim Coonan

Green Key Unlocked: Soft Skills Recruiters Should Have in the Age of AI
General Interest

Green Key Unlocked: Soft Skills Recruiters Should Have in the Age of AI

The Power of Feedback in The Workplace
General Interest

The Power of Feedback in The Workplace

#WeAreGreenKey: Spotlight on Ariana Ali
General Interest Worklife

#WeAreGreenKey: Spotlight on Ariana Ali

Green Key Named Best Executive Search Firm in Hedgeweek Awards
Accounting + Finance General Interest

Green Key Named Best Executive Search Firm in Hedgeweek Awards

LinkedIn Reaches 1B Users and Launches New AI Tools
General Interest

LinkedIn Reaches 1B Users and Launches New AI Tools

The Soft Skills Tech Talent Need
General Interest Information Technology

The Soft Skills Tech Talent Need

Upskilling: Your Path to Personal and Professional Growth
General Interest

Upskilling: Your Path to Personal and Professional Growth

#WeAreGreenKey: Spotlight on Trisha Hankins
General Interest Healthcare

#WeAreGreenKey: Spotlight on Trisha Hankins

Green Key Unlocked: Navigating a Career Transition to Analytics
General Interest Information Technology

Green Key Unlocked: Navigating a Career Transition to Analytics

Team Dynamics Deciphered: A Guide to Finding Your Place as a New Member
General Interest Worklife

Team Dynamics Deciphered: A Guide to Finding Your Place as a New Member

#WeAreGreenKey: Spotlight on Krista Zielinski
General Interest Pharma

#WeAreGreenKey: Spotlight on Krista Zielinski

We Stand with Israel
General Interest

We Stand with Israel

Time Blindness: Impact and Management
General Interest Human Resources

Time Blindness: Impact and Management

Things You Shouldn’t Say During the Salary Negotiation Process
General Interest Human Resources Professional Support Worklife

Things You Shouldn’t Say During the Salary Negotiation Process

Salary Negotiations: Strategize Your Worth
General Interest Human Resources Professional Support

Salary Negotiations: Strategize Your Worth

#WeAreGreenKey: Spotlight on Brad Martin
Architecture + Engineering General Interest

#WeAreGreenKey: Spotlight on Brad Martin

Green Key Unlocked: Mastering your Healthcare Interview
General Interest Healthcare

Green Key Unlocked: Mastering your Healthcare Interview

Latest Blog Posts
View All Posts
Best Practices for Performance Reviews

Best Practices for Performance Reviews

Performance reviews, often met with anxiety and anticipation, are an integral part to a thriving workplace and the cornerstone of...
Read More
Cultural Sensitivity in the Workplace

Cultural Sensitivity in the Workplace

Cultural sensitivity is a pivotal factor in creating a workplace where every individual can flourish.
Read More
#WeAreGreenKey: Spotlight on Tim Coonan

#WeAreGreenKey: Spotlight on Tim Coonan

Tim started his recruiting career almost five years ago when he transitioned from an accounting and sports marketing career.
Read More