

What Does it Mean for a User to go Rogue, and What is “Shadow IT”?
Wikipedia defines it thus: “Shadow IT is a term often used to describe information-technology systems and solutions built and used inside organizations without explicit organizational approval. It is also used, along with the term “Stealth IT”, to describe solutions specified and deployed by departments other than the IT department.” Users “going rogue” often refers to users who are used to a piece of software and who don’t find it on the company servers, and who then install it on their own desktops, but they don’t tell the IT Manager. So, when the network gets infected, the IT Manager is unaware that he has “rogue” users, so he can end up wasting time looking in the wrong places for his attempted solutions.
- Using cloud storage, like Dropbox, GoogleDrive, OneDrive or Box, to remotely access and transfer data between personal and company devices.
- Installing Skype or other forms of VoIP software for communications between other staff and clients.
- Using or creating productivity and workflow processes separate from the corporate network, often using cloud-based applications such as online project managers, or notebook programs like Evernote.
- Connecting physical devices, such as USB sticks or external hard drives, directly to the corporate network, and then using these to transfer sensitive or confidential information.
- Downloading instant messaging applications, like Yahoo Messenger or WhatsApp, onto corporate smartphones and tablets.
- Downloading and accessing social media applications. Facebook, Skype and Twitter are on top of the list of sites containing the most malware, according to Internet security company, Zscaler. Users often click on or unwittingly download malicious applications without realizing they have put themselves and their organizations in danger.
- Developing, using and sharing self-developed Excel spreadsheets and macros, or using Google Docs or Microsoft Office 365.
What Can You do to Minimize Rogue or Shadow IT?
Now that many company staff rely so heavily on their smartphones, and on cloud apps that give them access to company systems and data from anywhere at any time, such employees often no longer feel a need to go through IT “middlemen” for certain activities. They want access to their preferred tools that they’re used to and are facile in, and they want it all the time.

Other Factors That Foster Shadow IT
Some other factors that can contribute to encouraging rogue or shadow IT are complex IT policies and outdated software. This is often not a trivial problem to handle. An easy potential solution would be to make your IT policies simple to understand and apply. A not-always-easy solution is to convince those who hold the organization’s “purse strings” to allow you to keep your devices and software up-to-date. Here’s another recommendation: Don’t pretend that shadow IT doesn’t exist. Openly acknowledge its presence in your company and also openly communicate with employees about how you will be responding to their needs, and provide a reasonable time for the switches to IT-approved alternatives. If you don’t focus on and prioritize end-user experience, shadow IT will incubate. There are certain tools where it would be hard to build a better internal version. An example is cloud-based file sharing applications such as the ones mentioned above. When large files are involved, e-mail just won’t cut it. A solution is to utilize the corporate version of such tools and to ensure that users don’t connect them to their personal versions of these tools.Summary
Shadow or rogue IT can cost companies greatly. IT Managers should find out what shadow IT services their users are using, how and why they’re using them and determine which have to be removed, which can be used with suitable security safeguards, and which can be replaced with IT-provided services.
Sources:
https://www.informationweek.com/strategic-cio/it-strategy/shadow-it-8-ways-to-cope/d/d-id/1319535 https://www.skyhighnetworks.com/cloud-security-university/what-is-shadow-it/ https://www.cio.com/article/2968281/cio-role/cios-vastly-underestimate-extent-of-shadow-it.html https://www.securityinnovationeurope.com/blog/is-shadow-it-a-threat-to-your-organisation https://www.information-age.com/20-riskiest-shadow-it-applications-and-how-manage-them-123460837/ https://www.zscaler.com/ https://www.zdnet.com/article/rogue-it-sad-truths-and-unfortunate-stories/ https://searchcloudcomputing.techtarget.com/tip/Build-a-shadow-IT-strategy-all-departments-will-love. Photo credits: Hacker photo: Morguefile.com/davidpwhelan. Keyboard photo: FreeImages.com/Nikolaus Wogen. Frustrated user photo: FreeImages.com/Rajesh Sundaram. Try Now!
Leave a Comment
Recent Comments
- No recent comments available.