Executives need to get shadow IT programs under control

The business world is undergoing significant transformations as the technological landscape evolves and gives employees more confidence in their ability to locate, procure and launch their own solutions in the workplace. While this trend has the opportunity to introduce new performance benefits, it puts pressure on IT asset management teams that are responsible for ensuring corporate activities are safe.

Unfortunately, the freedom that is often associated with the democratization of IT also gives employees a sense of self righteousness. A recent Fortinet study of 3,200 workers found that more than half of them would go against company policies that did not support the use of personal devices, cloud solutions and other emerging technologies.

"If enterprises cannot keep employee IT procurement programs in place, they will find it increasingly difficult to guarantee the safety of the mission-critical information that is accessed through those initiatives," said Jim Senske, vice president of sales at Aptris.

The cloud is becoming an especially troublesome tool for enterprises, as employees are now using these technologies in their personal lives, supporting the idea that workers know how to properly secure those platforms.

The cloud management challenge
Fortinet found that 89 percent of employees have at least one personal cloud account, with nearly 70 percent of these users claiming they have leveraged those services for work-related tasks. While this isn't necessarily a menacing statistic, 36 percent of individuals said they would simply use their personal services for corporate activities even if doing so were against policy.

A Symantec report echoed the growth of these "rogue clouds," revealing that more than three-quarters of companies witnessed the deployment of these solutions last year. Not surprisingly, 40 percent of these enterprises encountered a data breach of some kind through the exposure of sensitive information. This suggests that executives need to get their cloud and other technological procurement and management programs in line with how workers function.

Management teams should consult the workforce and understand how and why employees want to leverage personal devices, clouds and applications. This approach will provide decision-makers with more insight into IT service delivery initiatives and day-to-day activities, giving them more time to plan for unexpected breaches and other security incidents. Rather than waiting for new threats to emerge, forward-thinking executives should be proactive and tackle overconfidence issues head on before they become too problematic.