Michael Hickens of the Wall Street Journal just wrote an intriguing article summarizing the intense “Shadow IT” debate at the MIT Sloan CIO Symposium. He reports that CIOs are frustrated by cloud computing software vendors that are selling directly to business users rather than going through traditional IT channels.
“It’s getting more complex because it’s proliferating. I call it cockroach technology”, said Michael Relich, SVP and CIO of Guess Inc.
The magnitude of Shadow IT is significant and growing. Gartner predicted that a full 35% of IT spending will take place outside of IT by 2015 – only two years away. By the end of the decade, that figure will hit 90%.
We at Skyhigh are hearing similar feedback from our customers and prospects. When we first meet with a company, we often ask them a simple question to understand the magnitude of Shadow IT – how many cloud services are in use by the employees in your organization? On average, the CIO, CISO or members of their Security and IT teams estimate somewhere between 25-30 services. And on average, we usually find between 300-400 services – 11x more than IT was aware of.
When the IT and Security teams first see the sheer volume of cloud services in use, the massive size of Shadow IT and the magnitude of cloud data security risk due to Shadow IT, it’s always a real eye opener. The volume of cloud services running speaks to several exploding trends – cloud computing, bring your own device (BYOD) or bring your own cloud (BYOC), and consumerization of IT.
Specifically, the rapid shift from on-premise business applications to cloud-based SaaS applications has enabled any employee with a credit card and an internet connection to become an IT manager and deploy their own Shadow IT applications without notifying IT.
These three forcing factors are not going away. What’s more, there is also growing consensus that use of cloud services results in higher productivity. A recent survey of IT decision makers found that 72% suspected that Shadow IT was beneficial and made it easier for employees to do their jobs. However, Shadow IT also creates clear cloud security and cloud compliance risks.
The good news is that most IT teams want to constructively address the Shadow IT phenomena and believe that there is a happy medium that balances cloud services agility and cloud security. IT wants to help their business counterparts accelerate the adoption of cloud services while protecting corporate data.
We built Skyhigh Networks to help IT teams more quickly sanction new, low-risk cloud services while offering choice and freedom to employees. The first step in this process is to help organizations understand the size and risk of Shadow IT. With that in mind, we recently launched the 30-in-30 Challenge. Give us 30 minutes and we will identify 30 cloud services in use that you didn’t know about. If we don’t, then we’ll give you 30 months free on Netflix. There is no charge. There is no gimmick or obligation. Just sign up here and we will help you shine a light on Shadow IT.