George Crump Nov 17, 2014 (Oct 13, 2020)

Shadow IT: data protection and cloud security

Summary
Views on shadow IT and data security from within the enterprise
Key takeaways
Methodology
About George Crump
About GigaOm
Copyright

1. Summary

Shadow IT is a term describing users or whole lines of business who go outside of their organization’s IT group to meet their IT needs. A disconnect often exists between what IT users feel they need and what the IT services group is prepared to deliver. Shadow IT’s destination is often the cloud, where a company credit card can access all kinds of IT as a service, including cloud-based file-sync-and-share, laptop data protection, CRM, project management, or back-office software.

Shadow IT may seem like an easy solution for an organization, because users and lines of business meet their needs and IT has one less problem. But in reality, both stakeholders can end up with less than they wanted and in the process, they put the organization’s important data assets at risk by compromising data security. Consumerization of IT can often come back to haunt enterprise IT.

Instead of divesting itself of responsibility, IT organizations should get in front of shadow IT and prevent its spread. When IT takes control of an organization’s cloud usage it provides better cloud utilization, which in turn allows cloud compute and storage to reach its full potential. At the same time, IT keeps the organization’s data better protected and more secure.

This report reviews data from three surveys that Gigaom Research conducted between September 2013 and June 2014. It will help IT organizations understand the extent of shadow IT and avoid its pitfalls.

Key findings include:

83 percent of organizations have adopted the cloud for some function, but few are using the cloud to deploy complex enterprise applications.
Security (62 percent), application performance (44 percent) and time required to develop related skills (41 percent) top list of cloud concerns.
More than half of enterprises have at least 10 public cloud instances in production.
81 percent of line-of-business employees admitted to using unauthorized SaaS applications with 38 percent deliberately using unsanctioned apps because of the IT-approval process.
70 percent of unauthorized access to data is committed by an organization’s own employees.

Thumbnail image courtesy: Digital Vision/Thinkstock

Radar Engineer

Ron Williams Sep 26, 2023 (Sep 19, 2023)

GigaOm Radar for Patch Management

Patch management is the process used to identify, acquire, verify, and install software and firmware patches to physical and virtual devices…

Radar Engineer

Andrew Green Sep 25, 2023 (Sep 18, 2023)

GigaOm Radar for Network as a Service (NaaS)

Network-as-a-service (NaaS) vendors provide a global transit network by enabling any-to-any connectivity among globally distributed sets of cloud workloads, branch sites,…

Blog

Jon Collins Sep 25, 2023

The Cloud-only Era is Done

As ever in this job, it’s by putting multiple conversations together that I start building a picture. Over recent months, I’ve…

Key Criteria VP/Architect

Dana Hernandez Sep 21, 2023

Key Criteria for Evaluating Cloud Management Platforms (CMPs)

Cloud management platforms (CMPs) are suites of integrated tools that help organizations manage and monitor hybrid and multicloud environments. These solutions…

Shadow IT: data protection and cloud security

Table of Contents

1. Summary

Full content available to GigaOm Subscribers.

Table of Contents

1. Summary

Related Research

Full content available to GigaOm Subscribers.