Shadow Cloud Services are unsanctioned networks and services that are subscribed to by individuals and business groups without the involvement or knowledge of Information Technology, Security, Compliance Groups, or others. These services can pose serious risks to the business including data leakage, data integrity, business continuity, and regulatory compliance issues. This is a formidable exposure for both the small business owner and the larger enterprise.
The ability for an individual or group to procure services for collaboration or individual use at a low cost price point makes it an attractive way for some to bypass IT and do things “on their own”. Services that fall under this can include collaboration software, remote storage, customer relationship and human resources applications.
There may be considerable financial implications in larger enterprises due to duplication of services. However, there are business risks that can far outweigh operating costs, including loss of intellectual property and trade secrets, regulated data exposures and the breach of rules pertaining to data handling, along with business continuity problems. For the small business owner a rogue employee(s) utilizing personal cloud storage could lead to serious issues.
In a survey, conducted by Frost and Sullivan, of 300 IT employees and 300 business unit managers 80% of respondents reported using SaaS (Software as a Service) applications that were not approved by IT. This is the equivalent of business units running non-sanctioned manufacturing facilities, offices, or lines of business.
Skyhigh Networks recently conducted a study of 200,000 public sector employees with various organizations in the U.S. and Canada. The study found that the use of shadow cloud services was on average 10 times greater than the applications that IT was running within these government organizations. A copy of the report can be downloaded here. This is a serious issue that must be addressed if the government is to protect our personal information and control costs.
The ability to identify unsanctioned or rogue usage can be a complex issue to solve for most organizations large and small. The outcome however can be well worth the effort and potentially avert serious issues.
About Network Management Solutions
Network Management Solutions (NMS) has been helping companies address their business and technology issues since 1996. We are currently serving a variety of customers within New Jersey, New York, and the surrounding metro areas of New York and Philadelphia. For more information please contact us.