Out of the Darkness: Shedding the Light on Shadow IT

As a result of using unsanctioned consumer file sharing applications, employees may unknowingly put their company's sensitive business information at risk.

9 October 2014


Many companies today have poor visibility into which file sharing tools and applications are being used within their organization.

Employees are trying to get work done and out the door quickly, and too often, hastily use tools under the IT radar — typically, free consumer file sharing services. And in many cases, IT is not aware that this is happening within their organization.

In an effort to better understand how enterprises are handling and reacting to ‘Shadow IT,’ the use of third-party information technology without the knowledge or approval of the corporate IT department, we conducted research with Gigaom Research and Harris Interactive.

As our infographic above illustrates, the research revealed some alarming results:







  • 90% of actual cloud application usage happens without the company IT department knowing
  • 46% of senior IT professionals believe data is leaking from their companies due to unmanaged file sharing products
  • 84% of senior IT professionals expressed particular concern about data privacy issues arising from ‘freemium’ file sync and share products
  • 81% of line-of-business employees admitted to using unauthorized Software-as-a-Service (SaaS) applications in the workplace
  • 38% of line-of-business employees said they use unauthorized cloud apps because IT-approval processes are too slow
  • 55% of organizations with 30,000 employees or more expressly forbid the usage of SaaS-based file sharing solutions

As a result of using unsanctioned consumer file sharing applications for sharing business data, employees may unknowingly put their organization’s sensitive information and compliance at risk. This is confirmed by nearly half of the IT managers surveyed who blamed ungoverned file sharing software for data leaks.

IT wants to lock-down solutions used in the organization to help maintain security and compliance, and end users want to use applications that enable them to work more efficiently. Simply attempting to block access to unsanctioned services won’t solve the issue of Shadow IT. Without a practical alternative solution, employees will find another way to access the blocked service, or may instead, seek other applications under the IT radar to stay productive.

To keep information secure and compliant, organizations need to take steps to avert ungoverned behavior by establishing and enforcing, policies, processes and approved solutions. Gigaom Research has put together two simple frameworks that IT managers can use to make actionable decisions about file sharing policies, and the requirements to look for in a secure solution. If you’d like to learn more about this framework, you can download a copy of the Gigaom Research report. Additionally, you can receive a copy of the Harris Interactive research here.

Shedding the Light on Shadow IT