Six tips for taming Shadow IT

Cloud computing offers advantages to enterprises, but only when done through a well-defined IT strategy. When done by individuals or lines of business – the so-called Shadow IT – unmonitored IT activity could post a significant risk. Yet sometimes the cloud moves faster than IT to meet business  needs In a recent report PricewaterhouseCooper outlines how to prudently say yes to the cloud. Images from


Find what’s there

Discover what shadow cloud services are being used in the organization, then categorize them according to risk: Those that should be banned or restricted, those that are often used by the organization and can continue if they pose no risk, and those that are sanctioned.


Establish trust

Build an atmosphere of trust in which both business and IT embrace change, where business asks for advice and IT is the advisor and orchestrator. Business strategy should be aligned to a cloud adoption strategy, one that isn’t based on saving money alone. IT should work with departments to understand functional requirements, business processes and architectures that make sense.

INSIDE SLIDE Handshake, trust partnership SHUTTERSTOCK

Face compliance 

Both side needs to understand that all IT solutions need to meet legal, contractual, regulatory and sector-based standards. Intelligent vendor management practices may help mitigate risk. Also, when choosing solutions for sensitive data, it’s very important to find providers that commit to service level agreements


Lock it down

Business also has to understand IT has the knowledge to deal with data lifecycle management issues that cloud providers may skip over, as well as security issues such as access, encryption and key management, incident response continuity and data recovery.


Keep an eye on it

You can’t let staff adopt cloud solutions and forget about them. Cloud service providers have to be managed and monitored. Consider monitoring capabilities and incident escalation processes that will give the organization real time insight into business case gaps or conflicts, security issues and other service metrics.

INSIDE SLIDE Supervise, monitor, guard SHUTTERSTOCK


To avoid shadow cloud being isolated, develop an IT architectural vision that allows efficient access management and service interoperability to enable an integrated cloud. Service orchestration may help improve realizethe benefits by enabling a more integrated set of IT processes across a varied set of cloud solutions.



Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Slideshows

Top Tech News