Shadow IT is alive and well, according to a report from Snow Software, and senior management are the worst culprits.
The software asset management tools company surveyed 3000 professionals in the US, Europe and APAC regions to gauge their attitudes towards IT. Many were largely happy to work around the IT department to get personal documents and unauthorized work tools. The survey found that 76% of people have accessed things on their work devices without IT’s permission.
Overall, 41% of employees use professional applications without asking IT if it’s alright, although management-level employees were almost twice as likely to do this, the survey found. While 25% of entry-level employees downloaded work software or apps without permission, 57% of VPs and C-suite execs used did the same, and 51% used personal apps. Only 7% of this group felt that using work devices for unauthorized purposes caused any business issues.
Many employees tend to act first and ask forgiveness later. When applications and services cost money, 27% of employees start with a trial, and then get IT to buy and manage the software if they like it. However, almost as many (24%) would rather pay for the software themselves and then expense it.
Employees were even more likely to use their personal devices to access work files and applications. The majority of them (85%) did this. Of particular concern is employees’ willingness to access other employees’ information and even customer data on their personal devices. 30% of workers had done this.
Overall, employees saw IT as a hurdle in their journey to get the job done. 32% said that seeking permission slowed them down and impacted deadlines, 27% found it frustrating.
In spite of their maverick tendencies, 67% cited of survey respondents saw security as the biggest business problem stemming from unmanaged technology. Privacy followed in second place at 50%. Which just goes to show that employees will often do what they know isn’t right, just to get their work done.
The topic of Governance, Risk and Compliance will be covered throughout the free-to-attend conference at Infosecurity Europe in London from 4-6 June. See all the talks on Governance, Risk and Compliance here. Infosecurity Europe is the leading European event for information and cyber security; find out more and secure your free visitor badge.
