Shadow IT is any IT asset your IT team does not know about. Shadow IT has become a bigger problem since the pandemic when organizations were rushing to provide better options for employees to collaborate and work from home.

Technology purchasing has also become more distributed with SaaS vendors targeting departmental buyers (CMO, CRO, CTO) and end users via product-led growth initiatives. Broadly speaking, Shadow IT can encompass: 

Shadow IT risks 

There are several risks associated with shadow IT. The main challenges include: 

How to find Shadow IT 

There are multiple ways to discover shadow IT.  

Learn more in this article, SaaS discovery methods

Governing Shadow IT 

Since everyone has access to the internet and can start a trial with an email address or sign up for a service with a credit card, you can’t prevent shadow IT, but with the proper visibility and policies in place, you can govern it. Here are some tips on governing shadow IT throughout the lifecycle: 

Procurement:  

Support/Monitoring: 

Learn more about to identify risks in your technology estate in this guide, Technology Intelligence for Security Professionals.