This year has forced a hasty transition to unfamiliar work practices. Employers have had to be creative in their approach to making the workplace safe for all employees – unfortunately for some this has not been possible. Others have adapted to an at least partial homeworking team to enable them to continue working at something at least resembling the same levels of performance as pre-Covid-19.
Ensuring you do not invest in inadequate tools for your staff working from home can be challenging. The need for a good quality of remote working tools has never been more important – they are essential to the success of your team. Without the correct software, your staff cannot be expected to achieve a good standard of work and thrive.
A problem for employers has been the adoption of ‘Shadow IT’ by their employees. What is Shadow IT? Why is it so bad? How will it affect my business? All valid questions. During this blog, we will answer these questions and guide you toward solutions that are beneficial for both you and your employees if adopted correctly.
Shadow IT
“In big organisations, shadow IT (also known as embedded IT, fake IT, stealth IT, rogue IT, feral IT, or client IT) refers to information technology (IT) systems deployed by departments other than the central IT department, to work around the shortcomings of the central information systems.”¹
We take for granted that in the office setting all software, hardware and network services are monitored consistently and are protected and licensed with specific authorisation protocols to ensure access only to authorised employees. With remote working becoming more and more common employees are increasingly making up their own minds which tools they use to work with. This can be dangerous. The company data is usually stored in a secure place, but, with the introduction of Shadow IT, you will find that employees have started storing data in non-IT company services instead (WhatsApp, WeTransfer, or Dropbox), which can mean trouble for their employers.
The security concerns of Shadow IT
The examples above are being used out of the remit of control of the business if management has not authorised and/or provided such systems. They may be insecure, potentially leaving sensitive data vulnerable. Any tools used without the control of the business are also being held out of the organisation’s regulatory obligations – meaning potential legal ramifications if a data loss/theft is suffered.
Why do employees choose Shadow IT?
There is a multitude of reasons as to why an employee may choose to use Shadow IT. Most common is that the employee feels they don’t have the tools they deem necessary to complete their daily tasks to an acceptable standard, leaving them no choice but to go out and look for a tool that can achieve it. For others, it can be as simple as not having the education to understand the problems that Shadow IT can cause to a business.
Sometimes it is a familiarity that tempts an employee. You may have provided them with an extensive collection of tools that you deem perfect for their job role, but they may not have the technical aptitude to use them properly when in a remote setting. Therefore, they find using a familiar tool eradicates the need for this knowledge of new IT. Perhaps the remote work setting posed more challenges than you anticipated – you need to communicate with your employees to find out what these challenges are and how to solve them in a secure and cost-effective way.
How to approach Shadow IT
Where you have employees preferring Shadow IT, take their feedback and implement a strategy that best suits their needs. Approach Shadow IT by asking yourself some questions surrounding its use:
- What apps have our team sourced and are using outside of the company remit?
- How did they have IT permissions to install or use paid apps in the first place? Do we need to make changes or review security policies?
- What functions do these apps serve that could be solved with what you have already? Does the team simply require IT education, or are the apps perhaps better aligned to your requirements, meaning you should take ownership and permit the services to be used?
The Shadow IT used by employees needs to be in a shareable format and compatible with what is already provided by the company.
If you offer the correct tools you know the answer to these and other operational questions before even starting.
Finding a mutually beneficial answer to these questions will allow your remote work infrastructure to be stronger and more secure; employees will feel more productive using tools that work for them, your business will thrive and remote working can become a positive change rather than a necessary one.
Is Shadow IT a problem for you?
Elixis Technology will help you buy the best tools to ensure a productive, secure and legal remote work environment. We are here to ensure you get the technology that actually works for your business to help you achieve the results that your customers demand of you. Contact us and find out how we can help you.
For more information, feel free to send us a message.
https://en.wikipedia.org/wiki/Shadow_IT¹