This report covers a number of aspects of employee's IT needs, but one of the highlights was the observation that "sensitive documents are frequently stored and shared via email and instant message, and more secure methods that track user access and support the use of watermarks are rarely used. Additionally, employees continue to rely on non-approved applications because they are easy to use and, in some cases, because they are less likely to be monitored or tracked by their employers. The survey also found the number of employees satisfied with the apps and tools provided by their companies decreased from last year". The survey was previously run 12 months ago.
The survey attempted to probe deeper into this aspect. "Ninety-one percent of employees feel confident their knowledge sharing tools would only allow access to authorized individuals. This encouraging finding suggests teams trust the tools their companies have provided will keep data safe. However, it doesn't always mean the same employees are actually using the provided tools to do their jobs. Despite confidence in the security of their companies' tools and systems, employee behaviour is risky when it comes to sharing sensitive or private information. Sixty-nine percent admit to using email to store or share this information, while 26% have used instant messaging and just 14% use secure FTP."
The report goes on to suggest that respondents claim to be saving around 3 hours per week by using these non-approved applications.
Igloo offers businesses (and their IT teams) some thoughts on how to address this "shadow IT" problem.
The first thing is to run an anonymous survey, with very clear objectives that the intention is not to punish or remove applications, but to understand where IT has 'missed the boat' in the tools offered and how the suite might be improved.
Next, determine why these additional tools are being used. Is there a gap in the software provided by IT? Are different tools faster, better, more efficient?
Finally, offer training – perhaps one of the reasons that employees use a particular non-approved tool is that they know it well and simply haven't bothered learning the correct one. Perhaps they didn't know that the tool provided actually had the features they desire.
Above-all, IT teams need to be sure they present themselves as supporters of the business, not disablers.