Thought Leadership

Why You Should Take Steps to Limit ‘Shadow IT’

Shadow IT

(October 16, 2023) Nearly 100 years ago, legendary jazz pianist Fats Waller offered this advice in one of his more popular compositions: “Find out what they like, and how they like it, and let ‘em have it just that way.” The song’s message is surprisingly applicable to the technology needs of today’s workforce.

When employees can’t work efficiently due to the limitations of the technologies available to them, they will often turn to cloud-based alternatives. As consumers, we’ve grown accustomed to accessing the tools we need with a few mouse clicks or taps on our smartphones. That mindset spills over into our working lives as we obtain the technology we feel will help us do our jobs.

The problem is that this process often takes place without the knowledge or sanction of IT. The result is a “shadow IT” environment that is almost impossible to manage, creating a significant security threat.

Understanding the Risks of Shadow IT

Cloud apps offer many benefits, but problems can arise when employees select consumer-grade solutions that don’t have adequate security controls or meet regulatory requirements. These apps create potential entry points for security threats and increase the risk of data leaks when employees store sensitive data in the cloud.

Well-meaning employees naturally seek solutions to streamline processes and increase productivity. This can lead to interoperability issues and data silos because the solutions are not properly integrated into business processes. And while many cloud-based solutions seem inexpensive, redundant services and underutilized subscriptions can add up over time.

Shadow IT is a widespread problem. According to Gartner, 41 percent of employees acquired, created, or modified technology without the knowledge or input of the IT department in 2022. The research firm expects that number to increase to 75 percent by 2027.

Getting a Handle on the Problem

There are steps organizations can take to help employees become more productive while addressing the security, compliance, management, and cost concerns of shadow IT. It’s all about giving employees a voice in IT decisions.

The first thing organizations should do is honestly evaluate why users are looking to the cloud for answers. Ask them about the gaps in your current IT environment and any outdated systems that need to be upgraded. Do you have legacy applications and processes with too many shortcomings to meet the needs of today’s workloads? Does it take too long to identify and deploy new applications that could be more useful?

Get employees’ input regarding technology tools that could increase efficiency, enhance collaboration, and make their lives easier. Let them help you select the best solutions in terms of cost, ease of use, manageability, and security. Make sure your approval processes facilitate the implementation of necessary technologies — but develop policies with consequences for employees who decide to go rogue.

Changing IT’s Role

In many forward-thinking organizations, IT teams are curtailing shadow IT by becoming “brokers” of IT services. By spending more time developing and managing a portfolio of external IT services, they can spend less time on day-to-day operational tasks and more time on strategic initiatives.

Security teams are shifting their responsibilities from controlling IT decisions to managing risk. This requires engaging with employees to ensure that they have all the information they need to make good decisions when acquiring technology tools.

For organizations that don’t have an IT manager or in-house technical support, a managed services provider can be an excellent source of advice. At Mainstream, we serve as strategic advisor to organizations seeking to fine-tune their IT strategies and select the right technology tools. Let us help you get a handle on shadow IT and develop an environment that supports your business objectives.


Mainstream Technologies delivers a full range of technology services in Arkansas and the surrounding region including managed technology services and consulting, custom software development, and cybersecurity services. We also offer industry-leading data center services in our Little Rock facilities. Established in 1996, Mainstream has earned a reputation for delivering quality, reliable, and professional technology services for public and private-sector customers across the United States.

Jeff Pracht
IT Business Development Manager
(479) 715-8629 Office
(501) 529-0008 Mobile

Contact Us

  • Industry

  • Category

  • Regulation

  • Solution