Instead of seeing Shadow IT as a threat, Ralph Loura sees it as an opportunity to leverage employees to identify the applications they want to use so that IT can enable the ones that have gained traction and are enterprise-ready.
According to Loura, “We embrace the idea of this shallow exploration of new technologies, new tools, and new processes by our users. To the degree that they discover these applications or services that make their jobs easier, that make them more efficient at selling or better at running a supply chain or better at sourcing talent, then everybody wins.” Promoting low-risk services that have reached a tipping point starts with understanding what cloud services employees use, how they use them, and their associated risk.
Expected Shadow IT vs Actual Shadow IT
The average company currently uses 1,083 cloud services in total; 108 known services, 975 unknown services
Unfortunately, legacy management and security products just don't have the visibility to find, understand, or control cloud service usage and risk, leaving IT flying blind.
Enable the entire cloud adoption lifecycle
What if you could:
- Gain complete visibility into all cloud services in use and an objective risk assessment across data, business, and legal risk
- Identify security breaches and insider threats, analyze usage patterns to understand demands, and consolidate subscriptions
- Seamlessly enforce security policies including coarse and granular access control, data loss prevention, and encryption
When IT examines the use of cloud services across the organization, they generally find Shadow IT is 10 times more prevalent than they initially assumed. The average organization today uses over 1,427 different cloud services, derived from anonymized usage from over 30 million users across over 600 enterprises using McAfee CASB. Often IT departments discover many services in use that they have never heard of before. After auditing the risk of each service and its security controls, IT teams can make informed choices about what services to promote or enable. This is more than just an exercise in risk management. The average company uses 57 different file-sharing services, and using these many different services can impede collaboration between employees. Standardizing on enterprise licenses for 2-3 services not only improves collaboration, but it also reduces cost.