A-Z Popular Blog Encyclopedia Search »
Technology
 Advertisements
Technology Guides
Technologies
Key Concepts
Technologies
Related Topics
Information Technology

Integration

top   »  information technology   »  it governance   »  shadow it

12 Types of Shadow IT

 , updated on
Shadow IT is the unauthorized use of technology within an organization. This is an common practice that arguably has productivity benefits as teams seek out tools to meet their needs without engaging heavyweight processes such as IT governance. However, shadow IT opens up an organization to risks in areas such as information security, operational stability and compliance. The following are common types of shadow IT.

Applications

Installation of applications or apps. This can represent an information security risk as an application may contain vulnerabilities or malicious code that users are unlikely to notice.

Internal Controls

In some cases, employees install tools to bypass internal controls. For example, traders at a bank could install an encrypted messaging app to bypass compliance constructs such as a Chinese wall.

IT Controls

Disabling IT controls that are perceived as inefficient or obstructive. For example, disabling a virus scanner on a system.

Systems

Installation, development and configuration of systems that perform a business function such as automation or data integration. Typically results in a fragmented architecture that is highly inefficient. There is also potential for operational problems such as outages caused by undocumented systems.

Projects

Software or infrastructure projects that fly under the radar without going through official channels such as the CIO and IT governance. This can occur due to office politics whereby an executive with significant authority is uncooperative with IT.

Data

Developing data repositories such as a spreadsheet used to manage customer or product data. Such data may be prone to data loss.

Knowledge

Knowledge repositories that are hidden from the rest of the organization such as a folder filled with team documents that aren't checked into a document management system. Leads to knowledge loss and knowledge waste.

Services

Use of external services such as a cloud-based sales tool. Can result in a variety of commercial, security and productivity issues.

APIs

Software developers who download and use APIs without proper verification of legal or security issues regarding its use.

Networks

An employee who does work using the public internet when a more secure network such as a VPN is required according to policy.

Devices

Employees who store company data on personal devices or connect outside devices to the private networks of an organization.

Assets

Acquiring tangible or intangible assets that aren't managed by processes such as procurement, asset management, financial management, license management, service management and compliance. For example, an employee registers a domain name using her name and credit card for a firm. Customers start using the site and it remains under her control when she leaves the company.
Overview: Shadow IT
Type
IT Governance
Definition
The unauthorized use of technology within an organization.
Related Concepts
IT Governance »
Risk Types »
Information Security »
Compliance »
Applications »
Apps »

IT Skills

This is the complete list of articles we have written about it skills.
Algorithms
Analytics
Architecture
Artificial Intelligence
Automation
Big Data
Coding
CRM
Data
Data Mining
Databases
Design
Devops
ERP
Gamification
Information Security
IT Examples
Legacy Software
Office Productivity
Problem Management
Process Automation
Robotics
SCM
Search Applications
Service Delivery
Service Management
SFA
Software Design
Testing
If you enjoyed this page, please consider bookmarking Simplicable.
 
Cite »

Information Technology Governance

A list of common IT Governance functions.

IT Governance

An overview of IT governance with examples.

Strategic Planning

A list of techniques for developing and implementing a strategy.

Business Risks

A list of common business risks.

Types of Technology

A reasonably comprehensive list of information technologies.

Chargeback vs Showback

The difference between an IT chargeback and showback.

Technology Risk Management

A reasonably comprehensive overview of technology risk management.

Technology Disadvantages

An overview of the potential disadvantages of technology with examples.

IT Strategy

A list of IT strategy examples.

Security vs Privacy

The relationship between security and privacy.

Hardening

An overview of technology hardening.

Deep Magic

An overview of deep magic, a technology term.

Defense In Depth

An overview of defense In depth.

Encryption Examples

A definition of encryption with examples.

Canary Trap

A definition of canary trap with an example.

Honeypot

A definition of honeypot with examples.

Security Through Obscurity

A definition of security through obscurity with an example.

Tokens

A definition of token with examples.

Backdoor

A definition of backdoor with examples.

Trending

The most popular articles on Simplicable in the past day.

New Articles

Recent posts or updates on Simplicable.
Site Map
Compliance
Networking
Computing
Creativity
Cryptography
Data
Design
Design Thinking
Governance
Information Security
Information Technology
Infrastructure
Knowledge Management
Management
Metrics
Organizational Culture
Problem Solving
Productivity
Project Management
Quality
Risk Management
Science
Systems Thinking
More ...
© 2010-2023 Simplicable. All Rights Reserved. Reproduction of materials found on this site, in any form, without explicit permission is prohibited.

View credits & copyrights or citation information for this page.

Home About     Privacy Policy     Cookies Terms of Use     Contact Us Search


Cookies help us deliver our services. You have choices regarding these cookies. Please visit our privacy policy, cookie policy and consent tool to learn more.


Copyright 2002-2024 Simplicable. All rights reserved. This material may not be published, broadcast, rewritten, redistributed or translated. Report violations here.