When employees use unauthorized personal devices for work or when teams download unapproved software for internal use, this is known as shadow IT, says a recent article on FOSSlife, and the practice leads to an array of security and compliance implications for organizations.
BMC says the practice is inevitable, because “users adopt shadow IT practices only to fulfill their job requirements in ways that make their life easier.” Part of the problem, BMC says, can lie within IT, for example, if they do not support technology that users require or if the provisioning process is too slow.
To address these issues and reduce the risks associated with unauthorized devices and software, BMC notes, organizations should clearly communicate which applications and devices are authorized or prohibited. The may also want to consider supporting low-risk shadow IT components through a documented process or working with users to find authorized replacement technology.
Learn more at FOSSlife.
(Photo by Tom Barrett on Unsplash.)