For many CIOs, it’s a feeling they can’t shake. A creeping certainty that somewhere the corporate network “ghosts” have emerged to play havoc with critical systems. The proof is in irregular incident and problem reports – odd security breaches and a strange lack of IT support tickets. Wandering the halls, you’d swear you could hear them whispering, wondering: What more can they access? What more can they do?
In truth, these ghosts are something much less nebulous and much more frightening: Employees looking for the fastest, easiest way to complete tasks despite existing IT access and use requirements. This so-called “shadow IT” haunts the days of many C-suite executives desperately trying to secure data and ensure compliance.
Is it possible to quiet the voices and exorcise IT demons?
According to CBR Online, shadow IT issues can occur in any part of your organization, but there are five key areas where hauntings happen the most. First are unauthorized business productivity apps — SaaS-based office suites, for example — which employees often link to their corporate accounts, creating massive security holes. File-sharing services are next, along with USB sticks, social media and digital communications technology such as VoIP or text messaging.
The common threat that connects these frightening breaches of corporate policy? Employees desire to skip the red tape of IT approval and just “get the job done.” In other words, the vast majority of hauntings don’t occur out of malice or a desire to punish CIOs for some past transgression but rather a drive to complete tasks and bolster the bottom line. It’s no surprise, then, that companies struggle to stop the ghosts, since users typically lack the insight to understand the downside of unauthorized use of these applications.
So is it possible for businesses to free IT ghosts and create a secure tech environment? Absolutely — and it all starts with a change in perspective. Rather than taking a top-down approach, companies need to start from the bottom up – What does the end-user experience look like? Which processes and workflows are effective and which hamper productivity? If employees are leveraging unapproved third-party apps it’s important to ask why instead of simply banning their use. As noted by Beta News, 61 percent of companies spending on an end-user approach are enjoying ROI for their efforts, while 65 percent say their approach provides a competitive advantage.
But freeing shadow IT spirits isn’t always easy, especially when it comes to the proliferation of mobile devices in the workplace. A recent Dimension Data study found that most large organizations were “unsure” how to effectively implement an end-user strategy to both manage devices and handle emerging security risks.
Here’s the bottom line: Releasing IT ghosts means embracing the end-user perspective, but building out this kind of mechanism in-house is both time-consuming and can quickly break technology budgets. Alternatively, you could bring in outside expertise for your shadow IT exorcism; an end-user IT analytics platform designed to provide smart insight and drive fast action all in real-time by giving you an accurate view of how users interact with IT services, where they struggle and how you can improve.
Want to end the haunting and free your CIO? Embrace the ghosts, understand their motives and you’ve got a real shot at sparing yourself the specter of shadow IT.