China 
Africa 
Explore chapters and articles related to this topic
The Cloud
Published in Preston de Guise, Data Protection, 2020
The term shadow IT has been increasingly used to define scenarios where cloud-based IT resources are procured and organized outside of the IT department—by managers, pseudo-technical staff, or power users within other areas of the business. Shadow IT occurs when a group within the business requires certain IT functions but are unable or unwilling to access them through conventional IT channels. Rather than waiting until the resources can be made available, they seek them through public cloud services. Thus, islands of IT the business may rely on that are outside of the watchful eye of IT departments spring up within the organization.
The Cloud
Published in Preston de Guise, Data Protection, 2017
The term “shadow IT” has been increasingly used to define scenarios where cloud-based IT resources are procured and organized outside of the IT department—by managers, pseudo-technical staff, or power users within other areas of the business. Shadow IT occurs when a group within the business require certain IT functions but are unable or unwilling to access them through conventional IT channels. Rather than waiting until the resources can be made available, they seek them through public cloud services. Thus, islands of IT the business may rely on that are outside of the watchful eye of IT departments spring up within the organization.
Software as a Service
Published in Curtis Franklin, Brian J. S. Chee, Securing the Cloud, 2019
Curtis Franklin, Brian J. S. Chee
Shadow IT takes two forms: The first is business units and managers who buy cloud applications and services with purchase orders that fall within their financial limits or even through credit card charges that are paid through expense account reporting. Some of these services and applications don’t interface with other applications used within the organization and simply involve business time and (perhaps) sensitive data. Others interact with existing databases and applications through APIs that the rogue cloud service can use to silently hook into the corporate infrastructure.
Inconsistencies Between Information Security Policy Compliance and Shadow IT Usage
Published in Journal of Computer Information Systems, 2023
Hsieh-Hong Huang, Jian-Wei Lin
In 2014, Haag and Eckhardt2(p4) defined shadow IT as “the voluntary usage of any IT resource violating injunctive IT norms at the workplace as a reaction to perceived situational constraints with the intent to enhance the work performance, but not to harm the organization.” Shadow IT poses a threat to IS. It is, in essence, employees installing and using unverified software due to a desire to improve their working tools, which leads to the violation of organizational ISPs. Shadow IT is also a double-edged sword that carries both advantages and risks. Although shadow IT improves work efficiency and encourages active participation and self-initiative, it is a risk for network security, data loss (due to backup failure), regulatory compliance, and hidden costs. In essence, shadow IT systems exist because of disagreements between employees and the IT department, and their purpose is to fill the gap between employee needs and existing IT solutions.21,22
The mediating role of social presence in the relationship between shadow IT usage and individual performance: a social presence theory perspective
Published in Behaviour & Information Technology, 2021
Gabriela Labres Mallmann, Antonio Carlos Gastaud Maçada
According to the literature, shadow IT is any IT solution built, introduced, and used by employees to perform their work tasks without explicit approval or even knowledge of the organisational IT department (Silic and Back 2014; Haag and Eckhardt 2017). The definition of shadow IT states that it may be explicitly unauthorised or unknown technologies and, consequently, these technologies do not have the support of the IT department. Shadow IT, then, is a form of decentralised computing implemented by individuals, workgroups or whole business units (e.g. Zimmermann, Rentrop, and Felden 2014; Furstenau, Rothe, and Sandner 2017) that does not technically or strategically involve the organisational IT service management (Rentrop and Zimmermann 2012).
BYOD Policy Compliance: Risks and Strategies in Organizations
Published in Journal of Computer Information Systems, 2022
Rathika Palanisamy, Azah Anir Norman, Miss Laiha Mat Kiah
Although many employees have chosen personal devices over organization-owned equipment, the IT teams are only aware of a fraction of them. Without knowing how many devices are available coupled by a plethora of operating systems, and other technical specifications, it would be difficult for the IT team to ensure the complete protection of the organization’s data against external threats. Usage of unauthorized devices and applications creates a shadow IT phenomenon in the organization.35