The rapid adjustment to remote workers has caused many issues in its wake, from software bloat to unsecure networks. 61% of cybersecurity professionals express concern about the IT security risks associated with that unplanned adjustment to a remote workforce.
One of the big adjustments for Houston businesses was the need to move to cloud solutions to keep work-from-home employees connected to the business applications and data they need to keep the office operations running.
This combination of the abrupt switch to a home environment, which often meant working from a home PC instead of a work computer, and the need to use the cloud to stay connected has led to an alarming rise in shadow IT.
Shadow IT describes applications and software that employees use on their own for work without the knowledge of a company’s IT team or IT provider. When this happens, it means that business data is being used in apps that may not be secure and may mean problems for company data compliance.
It usually happens innocently enough. An employee is newly working from home and realizes they need a place to easily share their work files with colleagues. So, they choose a cloud file storage app to use, not realizing that it could mean a risk to their company.
The use of shadow IT has gotten so bad that it’s estimated that between 20% to 40% of technology spending is done outside of the view of the company’s IT team.
What problems does it cause when employees start using cloud applications without them being approved?
When approaching shadow IT use, you have to understand that most of it is not done on purpose. Employees may actually be trying to be more productive and don’t realize the dangers of using an application that hasn’t been reviewed and approved first by their company’s IT team or IT provider.
There are also some advantages to employees seeking out new productivity tools. They could be better than what you’re already using or might fill a gap that moving to a remote workforce has left in your cloud environment.
So, the best way to approach stopping shadow IT is to not be punitive, but to be educational and keep the door open to employee IT suggestions.
Here’s how to approach it.
You first need to know what you’re dealing with when it comes to shadow IT. Is it just a few apps here and there or is shadow IT use rampant throughout your company?
There are two ways to identify shadow IT use:
When reviewing the IT employees have noted they are using, look for highly rated apps that might be good replacements for lower rated approved apps.
The CASB can help here as well because it can review cloud apps for security and compliance risk.
Adjust your overall cloud application strategy as needed to incorporate any particularly good shadow IT tools.
A lot of shadow IT happens because a business does not have any formal policy on cloud app use. Employees don’t have any way to suggest apps they like, or even know that they have to.
Explain to employees the importance that all cloud apps used for your business data be pre-screened and approved before they can be used.
Give them a way to suggest cloud applications that they’d like to use, and make sure they’re communicated with during the review process and about the decision to use or not use the app. If you leave employees hanging about an app suggestion, they might just start using it because they didn’t hear anything back.
Digital Crisis can help your Houston area business with smart cloud strategies that will ensure employees have the tools to stay productive and that your data is secure.
Contact us today to schedule a consultation. Call 713-965-7200 or reach us online.