Shadow IT Risks and Solutions in Office 365: Finding the Light in the Dark

Post Date: 03/27/2018
feature image

If you are looking at how your digital transformation can combat shadow IT and mitigate its security risks, check out our latest eBook: Your Digital Transformation Roadmap. Be sure to also check out our post around Digital Transformation!


As organizations look to digitally transform their organizations, there are a myriad of components to consider, from sustainable data management to data auditing and migration.  

But one component in particular that can be effectively targeted and mitigated during the digital transformation process is the plague of shadow IT. 

Defining Shadow IT 

Shadow IT can be defined as, “when your employees use devices, SaaS apps, or any other type of technology – without your consent — for getting their work done.” Due to software being unsupported by an organization’s IT department, there are inherent security risks associated with shadow IT.  

The challenge of shadow IT has multiplied in the past five years. For example, a Organizations may look at this and think, “this is not a problem for us, we have rules in place to make sure that employees don’t put us at risk.”  

Complications Associated With Shadow IT Practices 

The fact of the matter is employees will always find a way to use technologies that are not approved or supported by the IT department. Companies have made it easy for one specific business unit to purchase a collaboration platform specific to their use. This can create problems such as security concerns, lack of impactful team collaboration , employee training time, employee password management, and more. 

Gaining Visibility to Shadow IT Within Your Organization 

Blockers can be put in place, but that can work to hinder productivity, creativity, and innovation. Rather than try to just block shadow IT, a more pragmatic approach would be to try gaining visibility and then addressing the issue. 

When you gain visibility, it allows you to understand why an employee chose to use a different collaboration platform. It allows you gain knowledge on what will be better for your organization. You will learn how they were able to conveniently share things internally and externally and make it easier to collaborate within the organization and provide a whole host of other benefits. You can find all of the reasons why they chose to use a different collaboration tool within Office 365 and Microsoft Teams and the suite of options they provide.  

As you learn why end users prefer a certain platform, you can implement it into your organization. That will turn what was once a shadow IT problem into an organizational solution that the IT department can easily monitor.  

Mitigating the Risk of Shadow IT 

In an article written by Gartner, they provide three key steps to mitigate the risks associated with shadow IT: 

  1. Use data security governance to balance local business unit IT (BUIT) growth objectives against the risk of data breaches and financial liabilities. 
  2.  Deploy shadow IT discovery and data protection tools to enable the safe selection, deployment and notification of unauthorized cloud services. 
  3. Use data security governance to develop and orchestrate consistent security policies across all BUIT for each prioritized dataset.  

When organizations look to digitally transform their government shadow IT may be a concern. Instead of simply blocking shadow IT, they should monitor and understand why employees are using unapproved SaaS technologies to work. It’s key to prioritize the real needs of employees and identify the shadow IT used within the organization. This will help improve work efficiency and decrease risk.  

Interested in learning about the different components involved in digital transformation within your organization? Check out our newest eBook on digital transformation for more information!  

Like what you read? Be sure to subscribe to our blog to stay in the fold for all things Office 365, SharePoint and more!

Spenser Bullock is a former AvePoint Channel Solutions Engineer, focused on enabling partners and their customers to utilize and maximize their Microsoft 365 technology adoption and usage.

View all posts by Spenser Bullock
Share this blog

Subscribe to our blog