Source: Dark Reading Author: Michael Bargury URL: https://www.darkreading.com/cyber-risk/to-map-shadow-it-follow-citizen-developers

ONE SENTENCE SUMMARY:

Shadow IT emerges when employees utilize unapproved software to improve productivity, posing challenges for enterprise security and management.

MAIN POINTS:

1. Shadow IT arises when teams bypass IT for unapproved software solutions.
2. Personal preferences drive employees to use familiar tools despite official options.
3. Larger enterprises face severe software spread due to their size and independence.
4. Security practices can be bypassed through unofficial spending on software licenses.
5. Citizen development allows employees to create custom apps, impacting security dynamics.
6. Unapproved tools can unintentionally facilitate data transfers to unauthorized systems.
7. Mapping shadow IT can help identify what is truly vital for business operations.
8. Just asking employees about their used systems may not yield complete results.
9. Embracing citizen development can enhance visibility into actual software usage.
10. Managing security risks is essential when allowing citizen development practices.

TAKEAWAYS:

1. Encourage IT awareness about shadow IT’s prevalence in organizations.
2. Balance employee tool preferences with security measures to mitigate risks.
3. Strategically leverage citizen development for better software visibility.
4. Implement processes to regularly evaluate and manage unapproved software use.
5. Understand that personal efficiency often leads to shadow IT growth.