Written By

Kiran Patel



Stay up-to-date with OST blog posts.

February 16, 2021

What Is Shadow IT? Explore the Definition of Shadow IT, Shadow IT Examples and More

Pink image of a building with many windows. Text reads “Shadow IT”.

With the rise of cloud computing and software as a service (SaaS), the concept of shadow IT has emerged in businesses and organizations. Shadow IT is a designation given by central IT for any IT that is out of their control but within the domains of the business. “Shadow IT developed as a concept because business units were making independent acquisitions of IT technology and services outside of the realm of the centralized shared service enterprise IT,” explained OST CIO Jim VanderMey in a recent interview.

In this article, we will explore how shadow IT arises as well as the risks and benefits of departments within your organization utilizing their own IT services.

How Shadow IT Develops

To understand how shadow IT develops, VanderMey outlined how “every time there is a new technology introduced in the market, early adopters in the business often buy it. Then, it turns into a control issue and ultimately comes back into central IT because of security, cost or risk.” After all, what happens if someone’s laptop outside of central IT’s control is stolen and has confidential information on it?

So, why don’t teams just orchestrate new purchases with central IT in the first place? Many times, shadow IT develops because the control structures that IT has put in place are not flexible enough to meet the needs of the business. This becomes a barrier to coordination and collaboration. And for many teams, it’s just easier to move forward independently and ask forgiveness rather than permission.

John Vancil, Director of Enterprise Services at OST, echoes this sentiment: “If a part of the organization needs to get something done — and they recognize that to go about it the normal way is going to take a long time and a lot of bureaucratic hoops — then they’re going to get it done.”

Vancil also offered an example. Imagine your human resources team is struggling to efficiently manage and track paystubs and employee personal data. Members of that team find a new piece of software that will streamline their processes and consolidate recordkeeping. So, they stand up the platform on their own. A few months later, though, they ask IT to support and troubleshoot an issue they discover — on software their IT team didn’t even know about!

Another example might be a team paying for a new platform or tool with a company credit card and then implementing the new tool. But they only tell members of the IT team about it later.

Is Shadow IT a Risk for Central IT?

The loss of control often creates a perceived risk for central IT. But VanderMey clarifies that “this is no different than what most enterprises actually have in place,” he said. “After a certain level of maturity, organizations that focus on IT as a cost center are constantly looking to drive down the cost of delivering the technology services of the organization.”

Businesses are already moving from high-cost platforms to lower-cost platforms. And they are moving away from large CAPEX spends on data center infrastructure to OPEX models facilitated by cloud service providers. These are both economic strategies for optimization. The end result of this drive to lower costs is often outsourcing the portions of their IT portfolio that are non-strategic and can be outsourced. That’s the final step for the cost-oriented IT model. It simply can’t get any cheaper.

The role of IT should be to solve the business issues that teams are seeking to solve while meeting the broader enterprise needs that IT represents.

Benefits of Shadow IT

Neither VanderMey nor Vancil is categorically opposed to shadow IT at an organization. As VanderMey explains, “it is an indication that you have an engaged group of people in the business who want to do something with technology.” And that’s great news for optimization, innovation, employee engagement and more.

If shadow IT is seen as a problem in an organization, it may be because the IT organization is trying to enforce a command-and-control approach when they should be working side by side with business partners to enable their use of technology and channel their enthusiasm in a positive direction.

The goal of any IT team is to be an effective partner with the business. The direction an organization goes depends on the type of leader in place, VanderMey noted. In his thinking, IT leaders should be solving for security, cost, velocity and flexibility. If they’re having a negative impact on those factors, they’re missing the mark on crucial components of their objective.

OST Helps IT Leaders Align and Deliver

There are three finite resources in any organization: money, time and attention. With OST’s cross-functional expertise, we help businesses save time and money on their IT projects so they can devote their attention to driving new value for their organization.

If you’re struggling to bridge the divide between business and IT, we’d love to talk! Schedule some time with an expert or send us a message. We look forward to speaking with you!



Stay up-to-date with OST blog posts.

About the Author

Kiran Sood Patel is a content creator at OST with a strong background as a writer and communications professional. She previously served as managing editor of an online community journalism platform in Grand Rapids. And she brings years of additional newspaper reporting experience covering issues in education, business, technology, city government and more. She is passionate about diversity and appreciates sharing her background as an Indian American woman with others.