• 01/16/2014
    1:45 PM
  • Rating: 
    0 votes
    Vote up!
    Vote down!

Shadow IT Surprise: Look Who Loves Rogue Apps

Who's using unauthorized SaaS applications? IT professionals need to look in the mirror, recent study shows.

Anyone who has worked in IT for any amount of time probably has a few guilty secrets about their own rogue IT activities. Shadow IT -- that is, using SaaS applications that have not received the blessing of the IT department or were not obtained in ways that are strictly above board when it comes to IT procedures and policies -- is everywhere, whether CIOs want to admit it or not.

In a recent survey by Frost & Sullivan's Stratecast group, more than 80% of respondents admitted to using non-approved SaaS applications as part of their day-to-day business activities. In fact, only 17% of IT employees are toeing the line when it comes to limiting their technology to corporate-sanctioned products. The survey, sponsored by McAfee, polled 600 IT and line of business employees in the U.S., UK, Australia and New Zealand.

Authored by Frost & Sullivan’s cloud computing program director, Lynda Stadtmueller, the study revealed that IT professionals themselves are by far the worst offenders when it comes to using unauthorized services. What’s more surprising is that IT holds itself above its own policies.

An incredible 91% of IT departments are currently using at least one unapproved SaaS app as part of standard procedure, and 25% are using six or more unauthorized apps. What’s more, about a fifth of individual IT users (19%) are also personally opting to break the rules in embracing a half dozen or more SaaS apps that aren’t sanctioned by the IT department, either officially or unofficially.

Why is IT breaking the very rules that it sets for the rest of the company?

Read the rest of this article on Network Computing.


Do as I say, not as I do?

"91% of IT departments are currently using at least one unapproved SaaS app as part of standard procedure." What does this say about the approved apps? Jeez.

Re: Do as I say, not as I do?

In a way it is justifiable, because the employee is trying to do their jobs through the most efficient way they know how i.e. by using technology. Rather than to lock down the whole system I guess it would be better to train employees and get them updated in fundamental security concerns, not only will that filter out unsafe rogue apps but it will come with the added benefit of keeping employees safe in their personal lives, and a safe employees that is not facing loses from identify theft for instance is a productive employee. 

As a startup provider, I wonder whether it would be a good idea to aim at entering the enterprise world through the rogue app approach, I am thinking dropbox here. 

Re: Do as I say, not as I do?

Why are they breaking the rules? Because they can! Enterprise applications are mostly from hell. We'd all escape them given half a chance.

Re: Do as I say, not as I do?

When we did our survey on InformationWeek survey on App Consolidation, 63% of tech pros said that the reason apps got duplicated in the first place was that the existing apps weren't meeting a specific business need. isn't rogue IT often just a red flag that something's not working right?

(Here's a link to that research)

Re: Do as I say, not as I do?

I think rogue IT can be caused by a few things.  First is marketing, sadly servcies like Dropbox does better marketing than any IT department out there.  Phones and tablets come pre-loaded with apps that quickly turn into ways to step around corporate IT becasue it's there and it's "free" so users don't see the harm.  Or they are browsing the top apps in an app store and something catches their eye.  Rather than ask IT if something like that exists they install it and start using it.  I've run into this multiple times where someone was showing me their "cool" new app and I asked why they weren't using our in house solution only to find out they didn't know it existed.  That happens especially when new emplyees come on board and their new manager/supervisor takes for granted that they know what IT provides.  

Re: Do as I say, not as I do?

That's a great point. In-house IT spent decades as the only game in town. When you're a monopoly, you don't need to advertise. Not all companies have caught up to the new reality.

Re: Do as I say, not as I do?

There's also the pervasive mentality that says, "Oh, but those rules don't apply to me."

Re: Do as I say, not as I do?

I hear that one loud and clear. I have some "special" people who get what they want and IT becomes damage control rather than support.  There will always be those who get preferential treatment and can do things that will make life difficult for IT.