Dangers to your enterprise lurk in the shadows of the tools your employees may be using every day. These are applications that you have no visibility into or control over because you don’t know they’re being used. It’s called shadow IT—and this unregulated software usage poses more of a security threat than you might think.
In fact, a 2019 IBM and Forbes study found that over one in five enterprises faced a cybersecurity issue because of a “non-sanctioned IT resource.” And these security breaches aren’t cheap, with an average cost of $9.05 million in the U.S. alone.
Despite the risks, shadow IT use is still prominent, especially with COVID-19 changing the workplace. In a 2020 Kaspersky study, employees reported using personal email and messengers, video conferencing tools, file storage and sharing solutions, and collaboration software without IT approval.
But the good news is that there are steps you can take to reduce shadow IT usage in your enterprise. Apply these tactics, and you’ll not only put a stop to unauthorized application adoption, but you’ll also give your team access to the tools they need to thrive.
Understand Software Gaps That Lead To Shadow IT
To combat shadow IT, you have to tackle it at the source. So ask yourself, “Why are your team members using software that hasn’t been approved by IT?” Take a look at your tech stack. Is it truly meeting the needs of your workforce?
Over half of employees surveyed by G2 in 2019 said they weren’t happy in their jobs due to “missing or mismatched” tools. It’s time to find out if this is the case in your organization.
Use surveys, focus groups, and meetings with teams to better understand day-to-day work processes, tasks, and productivity challenges. With this information, you can audit existing tools to see where they are falling short or creating hurdles for teams.
For instance, if you find teams are frustrated by silos, with work scattered across too many tools, you can invest in a central solution—like Trello—that will house all information, assets, projects, and work across teams.
With Trello Enterprise, teams can establish designated workspaces and workflows and keep information organized in cards and boards. With every team working from this one tool, it’s simple to share assets and information, organize projects, and tag team members and other departments on relevant discussions.
Make Enterprise Security Resources Readily Accessible
The Verizon 2021 Data Breach Investigations Report found that “85% of breaches involved a human element.” But not every employee can be an IT security expert. An employee could be using unapproved software without realizing the security threats it poses. So it’s up to you to educate your workforce on enterprise security—including the risks of shadow IT—to prevent breaches caused by human error.
Start by developing a library of cybersecurity training resources and policies for your entire organization in Trello. Make a Trello workspace where all of these materials will live, so they are always accessible to team members. And keep it up to date with the latest information.
As you create and add resources about shadow IT to the Trello workspace:
- Get leadership buy-in: For employees to care about shadow IT, they have to see that company leaders do, too. Encourage executives to invest in shadow IT training and to advocate for the learning opportunity with their workforce. Then you’ll likely get more employee interest and engagement.
- Be understanding: Empathize with team members who may be using unapproved tools before diving into the risks. This shows employees that you care, and it will make them more likely to listen to why it’s important to keep IT in the loop on which software they’re using.
- Set clear guidelines: List which tools are approved and which aren’t, and document the steps team members need to take to get authorization for the use of other software (more on this later). Communicate clearly and don’t leave anything open to interpretation.
Create new resources in the Trello workspace as needed. And whenever you conduct regular training with employees, make time for feedback and questions. Get thoughts from others on the training and adjust or update materials when necessary.
Develop An Official Process For Pitching And Approving Tools
About half of workers surveyed want a say in their organization’s software decision-making process. And it makes sense because your employees will be using these tools day in and day out. They know what they need to complete work effectively and meet key business goals.
Give team members a voice in what their tech stack looks like—and maybe, just maybe, they won’t start adopting software without your approval.
Establish an official process for employees to pitch software for IT review and approval. This gives teams the chance to explain why the tool is needed and how it will benefit the company. And it gives IT the chance to properly vet the solution and make sure it is in compliance with corporate security policies.
With Trello, you can even keep all software requests in a designated workspace, so employees can regularly communicate with IT about the request and get updates on its status. And when a tool is approved or rejected, you can note that on the card for everyone to see. If tech is rejected by IT, offer a thorough explanation as to why—as well as more secure alternatives.
Use Trello Enterprise: A Secure Tool For Collaboration
Shadow IT is preventable with the right training, processes, and tools. Trello Enterprise can help along the way. But it’s also a secure solution that can support teams throughout your organization.
It meets needs across different departments with a variety of uses — from customer account management to planning and monitoring marketing campaigns. You can even create Trello boards for meeting agendas, internal knowledge base resources, organization-wide communication, and more.
And by allowing teams to collaborate safely on Trello with ease, they’re less likely to turn to shadow IT in the future. Discover the endless possibilities Trello Enterprise can offer your organization by contacting the sales team today.
Good or bad, we’d love to hear your thoughts. Find us on Twitter (@trello)!