Shadow IT

Quite recently, I submitted an assignment on “Shadow IT”. I want to share some of its data with the blog readers.

According to [1], “Shadow IT is the use of information technology systems, devices, software, applications, and services without explicit IT department approval”. E.g. BYOD, use of cloud services like Dropbox, Google Drive, One Drive etc.

Gartner [2] predicts that one-third of successful attacks experienced by enterprises will be on their shadow IT resources.

A recent study from EMC [3] suggests that data loss and downtime cost a total of $1.7 trillion each year due to shadow IT security breaches.

How to avoid Shadow IT?

According to [4], IT shadow can be avoided using the following;

1. Management perspective

Diligence and awareness are two important management attributes

2. HR and Legal department perspective

Defining penalties for employees who conduct shadow IT activities;

3. IT Team Perspective

Considering deploying shadow IT detection tools.


[1]., Date of access: 14th Sep, 2022.

[2]., Date of access: 14th Sep, 2022.

[3]., Date of access: 14th Sep. 2022.

[4]., Date of Access: 14th Sep, 2022

2 comments on “Shadow IT

  1. Learnt something new & interesting.
    Thanks Mr Naveed.
    We hope you would publish such articles in future.

Leave a Reply

Your email address will not be published. Required fields are marked *