1. Market Research
  2. > Software Market Trends

The Proliferation of Shadow IT - and the Opportunity for Cloud and Security Service Providers

  • November 2013
  • 11 pages
  • Frost & Sullivan
Report ID: 1870913


Table of Contents

In this SPIE, we take a look at the state of shadow IT in companies worldwide. We reveal some surprising results from the Stratecast survey of IT and Line of Business (LoB) employees. Finally, we offer tips to security, cloud, and managed services providers to help enterprises start addressing the risks associated with shadow IT in their own companies.


Just a few years ago, the industry was all abuzz about employees who insisted on using their personal devices, such as iPhones and iPads, to access business applications. Within IT circles, the discussion quickly shifted from “how to stop it” (you can’t) to “how to protect your business while giving employees the freedom to make choices.” Today, companies report greater productivity and higher employee satisfaction from their Bring Your Own Device, or BYOD, policies.

Are we headed for a similar discussion based around employees’ choice of the applications they utilize in business? Are we facing a BYOA (Bring Your Own Application) revolution, in which employees claim the right to choose the tools with which they get their work done, while IT scrambles to protect corporate assets?

The revolution is already here, according to the results of a recent Stratecast survey. Thanks to the ease of access to Software as a Service (SaaS) applications, even non-technical employees feel comfortable and entitled to choose their software—and they are doing so in droves. In many cases, IT departments and security officers are unaware of the extent of “shadow IT,” and therefore unprepared to deal with it.

For SaaS providers, the proliferation of shadow IT brings a whole new set of target customers. Rather than dealing with IT gatekeepers, SaaS providers can market and sell directly to individual employees, departments, and business units. However, unfettered access to thousands of SaaS applications, without centralized, policy-based control, opens the company to significant risks.

In this SPIE, we take a look at the state of shadow IT in companies worldwide. We reveal some surprising results from the Stratecast survey of IT and Line of Business (LoB) employees. Finally, we offer tips to security, cloud, and managed services providers to help enterprises start addressing the risks associated with shadow IT in their own companies.

Defining “Shadow IT”

In this SPIE, Stratecast broadly defines “shadow IT” as SaaS applications used by employees for business, which have not been approved by the IT department or obtained according to IT policies. The non-approved applications may be adopted by individual employees or by an entire workgroup or department. The non-approved applications must be used for work tasks; in this study, we are not tracking employees’ personal Internet usage on company time (e.g., checking sports scores or updating personal Facebook profiles).

The cloud—particularly the SaaS delivery model—and popularity of powerful mobile devices are responsible for the rise of shadow IT in business. In the SaaS model, the software vendor is responsible for hosting and maintaining the application, which users access via a network. For corporate IT departments, choosing SaaS over traditional licensed software offers a number of benefits. Since the application vendor hosts the software, the enterprise IT department can avoid capital investments in infrastructure. In addition, the vendor is responsible for operational tasks, including infrastructure maintenance, testing, provisioning, upgrades and refreshes, capacity planning, and performance management. Backup and recovery for data and infrastructure is also largely the responsibility of the vendor in a SaaS environment.

But the benefits of the SaaS model are not restricted to corporate IT. For users, SaaS is characterized by:
• Ease of access – Users can access SaaS apps via the Internet, using their Internet browser, from any Internet-accessible device. In most cases, little or no client-side software is required, which means that the SaaS solution leaves no “footprint” on company-owned devices.
• Ease of maintenance – SaaS apps are maintained by the provider. Users have no responsibility for patches or updates.
• Free or low cost – Many software providers offer a limited functionality or limited capacity version of their applications at no cost. Other SaaS applications are available at a low monthly fee, payable by credit card (no corporate purchase order required). SaaS subscriptions can often be terminated at any time, with no strings attached.
• Quick deployment – SaaS is available on demand, with a click of the “accept” button on the Terms and Conditions page. Users do not have to wait weeks or months for server provisioning and application deployment (assuming the request is approved).

Consumers have embraced SaaS; in fact, a whole generation of users has never loaded software onto a personal computer. It should come as no surprise that those same users carry their experiences and expectations into the workplace.

But, the decisions that users make in their personal lives generally affect only themselves. In a business setting, the decisions an employee makes can impact the entire corporation. This is why the stewards of corporate assets (who include not only IT, but also compliance, security, and general business executives), as well as their technology partners, need to understand, assess, and respond to the risks associated with shadow IT.

The Real Story Behind Shadow IT

There seems to be a general industry consensus that shadow IT exists, but little understanding of the details. How pervasive is it? Who are the perpetrators, and what are their motivations? Do users and their employers understand the risks; and, if they understand the risks, do they have the means to manage those risks?

To get to the facts, Stratecast conducted a survey of IT employees and Line of Business (LoB) employees who identified themselves as either “decision-makers” or “influencers” of software purchases in their companies. Some findings conformed to our expectations; many others surprised us. And all provide valuable insight for companies and those who sell to them.

Here are six findings that may change how the industry views Shadow IT:

1. Everyone does it.
More than percent of survey respondents admit to using non-approved SaaS applications in their jobs. Only percent of LoB employees and percent of IT employees do not use any non-approved SaaS applications.
Furthermore, non-approved applications represent a sizeable proportion of all SaaS apps used in a company. According to respondents, the average company utilizes around SaaS applications; of these, more than are non-approved. That means businesses can expect that upwards of percent of all SaaS apps are purchased and used without oversight.
The high penetration of non-approved apps argues that such usage is no longer in the shadows, but very open. Furthermore, the similar numbers of departmental and individual users suggests that, while a particular SaaS application may not have been approved by IT, it likely is being overtly or tacitly supported by the employee’s own department. This indicates that corporate and departmental policies or practices may clash, with the department winning.

2. We have met the enemy, and he is us.
Another surprising is that IT users are even more likely than LoB users to adopt non-approved SaaS. Furthermore, IT employees use a higher number of non-approved SaaS applications than LoB. It appears that, in acting as the guardian of corporate technology, the IT department considers itself exempt. Stratecast suspects that this is a case of IT employees’ overconfidence in their ability to assess risks, as well as their greater familiarity with a range of SaaS [...]

Get Industry Insights. Simply.

  • Latest reports & slideshows with insights from top research analysts
  • 60 Million searchable statistics with tables, figures & datasets
  • More than 25,000 trusted sources
  • Single User License — provides access to the report by one individual.
  • Department License — allows you to share the report with up to 5 users
  • Site License — allows the report to be shared amongst all employees in a defined country
  • Corporate License — allows for complete access, globally.

Ahmad helps you find the right report:


The research specialist advised us on the best content for our needs and provided a great report and follow-up, thanks very much we shall look at ReportLinker in the future.

Kate Merrick

Global Marketing Manager at
Eurotherm by Schneider Electric

We were impressed with the support that ReportLinker’s research specialists’ team provided. The report we purchased was useful and provided exactly what we want.

Category Manager at

ReportLinker gave access to reliable and useful data while avoiding dispersing resources and spending too much time on unnecessary research.

Executive Director at
PwC Advisory

The customer service was fast, responsive, and 100% professional in all my dealings (...) If we have more research needs, I'll certainly prioritize working with ReportLinker!

Scott Griffith

Vice President Marketing at
Maurice Sporting Goods

The research specialist provided prompt, helpful instructions for accessing ReportLinker's product. He also followed up to make sure everything went smoothly and to ensure an easy transition to the next stage of my research

Jessica P Huffman

Research Associate at
American Transportation Research Institute

Excellent customer service. Very responsive and fast.

Director, Corporate Strategy at

I reached out to ReportLinker for a detailed market study on the Air Treatment industry. The quality of the report, the research specialist’s willingness to solve my queries exceeded my expectations. I would definitely recommend ReportLinker for in-depth industry information.

Mariana Mendoza

Global Platform Senior Manager at
Whirlpool Corporation

Thanks! I like what you've provided and will certainly come back if I need to do further research works.

Bee Hin Png

CEO at
LDR Pte Ltd

The research specialist advised us on the best content for our needs and provided a great report and follow-up, thanks very much we shall look at ReportLinker in the future.

Kate Merrick

Global Marketing Manager at
Eurotherm by Schneider Electric

Purchase Reports From Reputable Market Research Publishers

OutSystems: An Omni-Channel Low-Code Application Development Platform

  • $ 3080
  • Industry report
  • March 2017
  • by IDC

This IDC Vendor Profile analyzes OutSystems, a company competing in low-code development platforms, which is part of the model-driven application platform software market. This document reviews key success ...

Platform as a Service (PaaS) Market - Outlook (2017-21)

  • $ 3000
  • Industry report
  • February 2017
  • by ResearchFox Consulting

Back in the days when cloud computing was in its infancy, companies started offering Software-as-a-Service (SaaS) and later Infrastructure-as-a-Service (IaaS) were introduced in the market. It is until ...

LAYERS in Platform as a Service (PaaS) Market (2016)

  • $ 3000
  • Industry report
  • February 2017
  • by ResearchFox Consulting

LAYERS in Platform as a Service (PaaS) Market (2015) offers a pictorial summary and comprehensive analysis of the market trends and vendors within. Understanding our research methodologies will help you ...

Download Unlimited Documents from Trusted Public Sources

Software Industry in the US

  • May 2017
    10 pages
  • Software  

  • United States  

View report >

Software Markets in France

  • April 2017
    2 pages
  • Software  

  • France  

View report >

Software Industry in the UK

  • April 2017
    9 pages
  • Software  

  • United Kingdom  


View report >

E-learning Markets

3 months ago

Related Market Segments :



Reportlinker.com © Copyright 2017. All rights reserved.

ReportLinker simplifies how Analysts and Decision Makers get industry data for their business.