One of the biggest threats to enterprises isn’t a hacker halfway across the world hoping to score valuable data to sell on the black market. And it isn’t a disgruntled former employee looking to do the same. It isn’t even a rogue nation-state perpetrator looking to disrupt big business. It’s shadow IT.
Broadly defined, shadow IT includes “investment in acquiring, developing and/or operating IT solutions outside the formal control of a formal IT organization,” wrote Gartner analyst Simon Mingay in a January research note. Shadow IT rose to prominence after the proliferation of cloud and mobile technologies consumerized IT. Employees could suddenly access foreign applications via the corporate network from their personal iPhones and Android smartphones. Apps ranged from the personal to the professional, but they were most definitely unsanctioned.