By Paul
Davenport, Marketing Content Manager at AppNeta
With concerns around data privacy starting to
mount in seemingly every corner of society, it's critical that IT teams
establish workable (and realistic) internet use and network policies. But with
20-50 percent of enterprise app spending
taking place "in the shadows" -- that is, without the knowledge or direct
consent of IT -- enforcing best practices is yet another new struggle that IT
teams wrangle within the age of SaaS.
"Shadow IT" has exploded in the enterprise
space alongside the booming popularity of business-critical SaaS. This is the
double-edged sword of enterprise cloud migration, as SaaS solutions can quickly
(and cost-effectively) be deployed without the need for enterprise IT to build,
deploy, or own management of their own tools and workflows. After all, with the
role of IT changing from "a technology-driven cost center to a value-based
service brokerage," according to a recent Salesforce report, teams
are looking for any method they can to streamline deployment and play a
proactive role in serving end users.
While Shadow IT may be frustrating for IT
teams that are already grappling with radical changes to their network
infrastructure, it's not always conducted with ill intent. More often than not,
it all comes down to a simple preference of one platform over another. A
company may choose Google Hangouts as their go-to collaboration platform, for
instance, while a specific department prefers Slack and leverages that platform
for their internal comms. But even seemingly harmless reasoning like this can
be risky.
Take, for instance, recent research from
McAfee that found 144 apps in the Google Play store that had secretly contained
a malware called Grabos. The virus was masked
innocuously as an audio player within each app, and was only discovered after
more than 17 million downloads.
But it's not just a threat of malware that
should have network teams on the lookout for Shadow IT. When rogue applications
are rampant on the network, it could be a response to dissatisfaction with the
existing policies and approved apps that teams use to complete their work. If
employees are driven to take matters into their own hands by resorting to
Shadow IT, then network teams may need to rethink their approach.
To get a handle on how teams can shine a light
on Shadow IT and address it appropriately, teams need to take the following
steps:
- Gain a sense of the company's complete app
landscape. When network teams don't have
visibility into all apps leveraging total network capacity, it not only
leaves IT blind to potentially malicious applications in use: Teams will
also lack visibility into how non-critical apps are impacting the
performance of important ones. Even if it's a matter of employees using
alternative solutions to get the job done, understanding employee habits
versus what's prescribed by the company policy can help IT rethink how
they allocate network capacity.
- Baseline performance and explore other solutions. After successfully gaining a grasp on the company's app
landscape, IT should use this knowledge to explore what solutions/policies
have been working while highlighting areas for improvement. If a team
abandons one collaboration tool for another, for instance, IT should
evaluate if it was simply a matter of UX preference, or if it was actually
a performance issue that IT could remedy to help get all users back on the
same page. Similarly, if Shadow IT has unearthed a more attractive new
solution (more cost-effective, for instance, or it delivers better UX
while needing less bandwidth) it might be time for IT to make a switch.
- Use newly-gained visibility to help enforce new
policies. It's all really simple, at the end of
the day: Enterprise IT needs a comprehensive view of the network and
visibility across the board to be effective at any part of their job. This
doesn't necessarily mean dedicating manpower specifically to policing end
users and holding them to task. Instead, teams need to employ lightweight
-- that is, low bandwidth and easy to control -- solutions that can
deliver real-time insights from a single pane of glass.
With continued, active visibility, IT will
know whenever rogue apps pop up on the network and who to ping about it. But
rather than taking a policing approach, IT should use this as an opportunity to
build a bridge between departments that turned to Shadow IT in the first place,
recommending new tools or proactively assisting when performance laps.
##
About the Author
Paul Davenport is the Content Marketing Manager for AppNeta. Paul has an extensive background in the B2B tech space leading content creation and public relations. He studied Print & Multimedia Journalism at Emerson College.