Corporate Networks Grapple With Shadow IT Surge: New Report Reveals Spike in Unauthorized Cloud Services
Companies that estimate they use an average of 91 cloud computing services within their authorized corporate networks received startling news this week: The number of cloud services actually present may be as high as 1,120 — with a significant portion of those being unauthorized.
That 170 percent difference, according to The Wall Street Journal, reporting this week on the release of a new Cisco Systems study, is largely due to employees circumventing established IT protocols. This rise of shadow IT, as the use of unauthorized cloud services is often termed, is present in some 83 percent of businesses worldwide, TechCrunch reported.
Common examples of unauthorized cloud services employees introduce to corporate networks are often well-known applications such as Dropbox, SurveyMonkey and Web-based email or word processing packages. Other examples, such as Facebook, YouTube and the like, illustrate an infiltration of social and entertainment services in the workplace.
Reasons for employees turning to some of these unauthorized services tend to center on expediency and perceived need, according to TechCrunch. Departments or teams may decide their requests for authorized access to new tools have been deprioritized and take solutions into their own hands.
What is certain is that unauthorized cloud services pose threats to data security and compliance. When sensitive business and customer information is stored or archived in off-site servers, in-house IT teams cannot control or protect it. Additionally, the removal of data and records to off-premises, third-party servers risks exposing the company to penalties for breaking government-regulated storage rules.
The new rate of unauthorized app use appears to be an increase of about 65 percent since six months ago. In August 2015, CIO reported that company IT executives estimated an average 51 cloud services within their corporate networks’ profiles, but a similar Cisco study at that time pegged the probable average at 730.
Experts do question the new numbers to some extent. As The Wall Street Journal reported, one Forrester analyst suggested the incidence of shadow IT usage may only account for 30 to 40 percent of the activity within corporate networks. Even that level of unauthorized cloud services can represent a clear and present data security threat.