Tech pros beat business users in shadow SaaS use

Among the top users of software-as-a-service (SaaS) apps not authorized by the IT department are tech pros themselves, according to a recent survey commissioned by security software company McAfee Inc.

A poll of 600 IT and line of business decision makers in large companies from North America, the United Kingdom, Australia and New Zealand, found that nearly 35 per cent of all SaaS apps used in the workplace are comprised of unauthorized software or what are called shadow SaaS apps.

Business consulting firm Frost & Sullivan, which conducted the survey, also found that 80 per cent of respondents were using shadow SaaS apps to in the workplace.

Corporate IT departments may frown upon the rampant use of unauthorized applications in the workplace because of the security risk and management issues they create, the survey also said that IT professionals are among the top perpetrators of shadow IT.

As many as 83 per cent of IT professionals use shadow IT compared to only 81 per cent of line of business users.

What makes them go rogue and use apps that their department has not approved?

Restrictions and the need to get pass them in order to get their job done, according to the respondents.

Thirty nine per cent of the IT respondents said they used unauthorized SaaS because “it allows me to bypass the IT process.” Eighteen per cent said IT restrictions “make it difficult to do my job.”

“In many cases it is not malicious at all – in fact they are trying to do their job better, or make it easier,” McAfee said in a statement. “In a hypercompetitive global business environment…employees are increasingly being measured on results – in some cases with their jobs at risk.”

The security firms said it’s no surprise that in such an environment many individuals will “do whatever it takes” to meet their job and business objectives.

The top unauthorized SaaS application in the workplace was Microsoft Office 365 (9 per cent), followed by online productivity tools Zoho (8 per cent); professional social networking site LinkedIn (7 per cent); and Facebook (7 per cent).

On average, the survey said, 15 per cent of respondents experienced a security access or liability event while using SaaS.

“Without appropriate knowledge, non-technical employees may choose SaaS providers or configurations that do not measure up to corporate standards for data encryption,” said Lynda Stadtmueller, program director of the cloud computing analysis service at Frost &Sullivan’s telecom forecasting arm Stratecast. “They may not realize that their use of such applications may violate regulations concerning handling and storage of private customer data, leaving the company liable for breaches.”

Businesses need to protect themselves from shadow SaaS usage, according to Pat Calhoun, general manager of network security at McAfee.

“The best approach is to deploy solutions that transparently monitor SaaS applications (and other forms of Web traffic) and uniformly apply enterprise policies, without restricting employees’ ability to do their jobs better,” he said.

He said such tools will not only provide secure access to SaaS applications but can also encrypt sensitive information to prevent data loss.

 

 

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Nestor E. Arellano
Nestor E. Arellano
Toronto-based journalist specializing in technology and business news. Blogs and tweets on the latest tech trends and gadgets.

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now