skip to main content
Close Icon

In order to deliver a personalized, responsive service and to improve the site, we remember and store information about how you use it. This is done using simple text files called cookies which sit on your computer. By continuing to use this site and access its features, you are consenting to our use of cookies. To find out more about the way Informa uses cookies please go to our Cookie Policy page.

Global Search Configuration

Ovum view


“Shadow IT” is hardware or software deployed within an organization that the IT department is unaware of, or has not approved. The term often carries negative connotations due to the maintenance and security issues involved in this often unregulated area of the technology marketplace. The general consensus is that the growth of shadow IT should be seen as a business and data protection problem, but not all chief information security officers (CISOs) agree.

Not all shadow IT is bad – leading CISOs recognize that there can be business benefits

In June 2015 a dozen of the UK’s leading CISOs gathered at the Eskenzi IT Security Analyst & CISO Forum to answer questions from security analysts, resulting in a lively exchange of views. Although the analysts would have expected the panel to take a strong stance on the need to reduce the use of shadow IT, the situation turned out to be less clear-cut. Many of the CISOs who took part agreed there are control issues to be addressed when technology use bypasses corporate policy and standards requirements. But the overall message was that shadow IT can also deliver business benefits.

Those in the creative industries, media, and telecoms were particularly supportive of shadow IT. The suggestion was that these businesses need it to support the requirements of their free-thinking users. The focus for these CISOs from a security perspective was education, to ensure that users understand the data protection and security issues involved.

Although there will always be non-negotiable areas in which shadow technology cannot be used, IT security can no longer always inhibit it. User and data protection has to be agile enough to support the ongoing demands of the business. The consensus view from this group of leading CISOs advocated a collaborative approach that incorporates shadow IT into computing polices whenever its use can be supported. Their opinion was that security teams should make every effort to find out why specific third-party tools are being used, and to review their business benefits and risks before making any final decisions.



Andrew Kellett, Principal Analyst, Infrastructure Solutions

Recommended Articles

  • Enterprise Decision Maker, Enterprise IT Strategy and Select...

    2017 Trends to Watch: Big Data

    By Tony Baer 21 Nov 2016

    The breakout use case for big data will be fast data. The Internet of Things (IoT) is increasing the urgency for enterprises to embrace real-time streaming analytics, as use cases from mobile devices and sensors become compelling to a wide range of industry sectors.

    Topics Big data and analytics IoT

  • Consumer & Entertainment Services, World Cellular Informatio...

    Mapping the Future of Enterprise Messaging: SMS, RCS, and Chat Bots

    By Pamela Clark-Dickson

    In this paper, we analyze the results of the Enterprise Messaging Survey 2017, placing the findings in the context of the rapidly evolving business-to-consumer communications market.

  • Consumer & Entertainment Services, Service Provider Technolo...

    FAANG to sink its teeth deeper into TV in 2018

    By Rob Gallagher 14 Dec 2017

    Few trends will be bigger in 2018 than the transformation of TV and video by OTT technology and services. Here we present five Ovum predictions related to the most influential players: Facebook, Amazon, Apple, Google, and Netflix – or FAANG, for short.


Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700

Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

+44 (0) 207 551 9047 - Operational from 09.00 - 17.00 UK time

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 7770704398 or email us at

Contact marketing -

Already an Ovum client? Login to the Knowledge Center now