Pete discusses strategies for stamping out shadow IT.
- [Instructor] Cloud apps help organizations be agile, their people to be productive from anywhere, and enable companies to shift from capital expense budgets to operational expense budgets to fund new business initiatives, paying for only what they consume. But with all its advantages, the cloud has spawned a side effect in organizations everywhere, shadow IT. What is shadow IT? Allow me to explain. On average, an enterprise uses more than 1,800 cloud apps.
This is driven by myriad factors which I'll speak to in a moment, but it's safe to say that virtually 100% of enterprises are using cloud apps of some sort today. And 75% of these companies consider SaaS tools essential to their business. 61% is the percentage of cloud applications in use in the average enterprise that IT is not aware of. Let me say that another way. More than one of every two cloud apps, in use, in the average enterprise, is unknown to IT.
And 80% of workers use non-sanctioned cloud apps, by non-sanctioned I mean, not approved for corporate use. And these last two items are what shadow IT is all about. IT projects, albeit many of them small, that are managed outside of, and without the knowledge of, the IT department. These are seriously sobering figures, but here's the part that should worry us all. 40% of all IT spending, today, happens outside the IT department.
What are the drivers of shadow IT? The causes are actually much less nefarious than you might think. When asked, users offered reasons that included, unresponsive IT departments coupled with the rapid pace of the world today. Resource request backlogs, I can lay down a credit card and have that development virtual machine in the cloud, right now. Convenience, getting around corporate controls, for example, a user sharing files on a personal Dropbox account so they can work from home on their home machine, and at the end of the day people do like using familiar tools.
The most common response, people just want to get their jobs done. This last item calls attention to an important point. Shadow IT is often, in fact usually, not malicious, in fact it's quite the opposite. Now that you understand what shadow IT is, and what threats it presents to your organization, and your future job security if we're being honest, now we need to dig into a few important questions. What are the keys to preventing shadow IT? How can we partner with our users to prevent it from happening again? And what tools are out there to identify shadow IT as it happens?