SoftWatch provides unique analytics that allow enterprises to embrace Shadow IT activities in a controlled manner, thus encouraging innovation and productivity and at the same time avoiding data loss, ensuring compliance and preventing security breaches.
Shadow IT, an old well known phenomenon in enterprises, has dramatically increased in recent years due to the emergence of high quality cloud services and SaaS applications. The adoption of popular consumer applications such as file sharing apps, social media and collaboration tools by corporate employees, along with enterprise-class SaaS applications that are deployed by line of businesses to improve productivity and innovation, are posing huge challenges to CIOs. While IT managers tried to block Shadow IT in the past, they now understand that they will be better of embracing this trend. Therefore, the need for management tools that will enable IT managers to obtain relevant information regarding Shadow IT activities and ensure compliance with corporate policies becomes critical.
Specifically, the following are typical important questions that CIOs ask themselves regarding Shadow IT activities:
- What Shadow IT apps are being used and by whom?
- What data is being stored by Shadow IT apps?
- How do I assess the business risks due to Shadow IT activities?
- How do I control the Shadow IT activities and ensure compliance with corporate policies?
The ability to answer the first question above is key when putting in place a coherent plan to manage and control Shadow IT activities by CIOs. Discovering the applications that are being used and identifying the users and departments that are using those applications helps them understand the scope of Shadow IT and serves as important inputs to assess the risks involved, design the needed policies and control costs.
SoftWatch Shadow IT analysis provides exactly this. With its unique ability to detect all applications that are being used by enterprise employees and by comparing them to the approved applications according to IT policy, it can isolate all Shadow IT applications within the enterprise. As this list may be quite long, SoftWatch provides the ability to sort and prioritize applications by their level of usage: the more the application is being used, the higher it will be prioritized by the Shadow IT list. On the other hand, if the IT department would like to prioritize applications according to different criteria, such as security risks, it can provide a closed list of risky applications that will be looked for and analyzed by SoftWatch. For each Shadow IT application, the specific departments that use the application will be identified, and a detailed users list will be provided, segmented to light and heavy users according to the extent they use the application.
An initial assessment is highly recommended at the beginning of the process. This assessment can serve as a baseline for the management activity that follows. However, as more and more cloud applications will be offered, Shadow IT is here to stay for a long time. It is therefore suggested to use SoftWatch as an ongoing monitoring and assessment vehicle that can be very instrumental in the management of Shadow IT activity overtime.