Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Shadow cloud problem growing, SkyHigh Networks says

SAN FRANCISCO -- Enterprises are using hundreds of cloud services and applications, yet only a small fraction of that number is approved by IT departments.

"On a quarterly basis, we publish a report, the SkyHigh Cloud Adoption and Risk Report. And this is actual usage data across 17 million employees and across over 400 enterprises," said Kamal Shah, vice president of products and marketing at SkyHigh Networks, Inc. "And what we found is on average an organization is using 953 cloud services."

The problem, according to Shah, is that less than 1% of those services have been authorized by the enterprises' IT departments.

In this interview, recorded at the RSA Conference 2015, Shah describes the scope of shadow cloud, or the usage of cloud apps and services not approved by IT, in the enterprise. For example, Shah said that according to SkyHigh's most recent report, shadow cloud usage is typically 10 to 20 times larger than what enterprises estimate. So how do enterprises get control of the problem?

Less than 1% of those [cloud] services have been authorized by the enterprises' IT departments.

"It's no longer about saying 'No' to the employees," Shah said. "They're using cloud services for the right reasons -- to increase productivity and to help them get their jobs done faster."

Instead of outright banning shadow cloud apps and services, SkyHigh provides secure enablement of those offerings as a cloud access security broker. The company's cloud security platform creates policy-based enforcement points and controls around popular public cloud services, such as Salesforce, Office 365, Dropbox and others.

Shah goes on to explain what types of shadow cloud apps and services are most popular in the enterprise, such as file sharing and collaboration, and why. He also discusses how many of the consumer-focused cloud application vendors like Dropbox are adding more enterprise-focused security measures, such as encryption and multifactor authentication.

View All Videos

Conference Coverage

RSA Conference 2015 special coverage: News, analysis and video

Join the conversation

3 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Not sure why the IT industry spends so much time trying to reclassify "productivity and problem solving" as "Shadow IT". It's a competitive market for every aspect of a business. IT is no different. More time should be spent on how to further enable the ones that are becoming more productive. 
Cancel
Good points, Brian. Every 'workaround' is an opportunity to improve, not a prompt to shut things down. 
Cancel
I'm on Brian's side here. The last thing we need, the least helpful, is another sensational headline. Of course this problem is growing. Because it isn't a problem at all; it's an opportunity.

If IT doesn't understand that, our first job should be setting up new guidelines for them. Their first job should be getting safety protocols in place so that our work (and the enterprise) are secure.
Cancel

-ADS BY GOOGLE

SearchSecurity

SearchCloudComputing

SearchAWS

SearchCloudApplications

SearchServerVirtualization

SearchVMware

ComputerWeekly

Close