blog post cover

How to Discover and Manage Shadow IT

The use of Software as a Service (SaaS) applications has become a common practice in modern workplaces due to their convenience and ease of use. However, with the rise of these applications comes the challenge of shadow IT, where employees use unauthorized SaaS applications, often with good intentions to improve their productivity. Unfortunately, these unauthorized or shadow SaaS accounts can pose significant security risks, compliance issues, and even result in financial wastage.

59% of IT professionals find it difficult to manage the extensive use of SaaS applications, with a significant part of the challenge stemming from shadow IT.

This is further evidenced by the fact that 65% of all SaaS apps are unsanctioned, meaning they are being used without the knowledge or approval of the IT department.

Addressing the challenge of shadow IT requires a methodical approach to discover and manage unauthorized SaaS usage within the organization. Resmo provides insights into the security posture of these applications and assists in remediation, allowing for a more secure and compliant SaaS environment.

In this article, we will delve into how to identify and manage shadow SaaS accounts using Resmo, guiding you through the process to ensure that your organization's SaaS usage aligns with its security and compliance policies. Let’s dive in!

What are Shadow SaaS Accounts?

Shadow SaaS accounts refer to SaaS applications that are used by employees without the approval or knowledge of the IT department. These applications may range from storage solutions like Dropbox to collaboration platforms like Slack. 

While they might boost productivity in the short term, they could also harbor security risks such as data leaks, non-compliance to industry regulations, and even legal liabilities for the organization. The unauthorized nature of Shadow SaaS accounts makes them a blind spot in an organization's security posture, rendering traditional security measures ineffective. 

Therefore, it's essential to have an automated method for discovering and managing these shadow accounts to maintain a secure and compliant operational framework.

Why You Need to Detect Unauthorized SaaS

Data Security:

Unauthorized SaaS applications can pose serious risks to an organization's data security. Without proper oversight, sensitive data can be exposed or misused, leading to potentially severe consequences such as data breaches or loss of critical information.


Compliance with industry regulations and standards is crucial to avoid legal repercussions. Unauthorized SaaS usage can lead to violations of compliance standards, resulting in hefty fines and a tarnished reputation.

Cost Management:

Effective cost management is essential for the financial health of an organization. Unchecked usage of SaaS applications can lead to redundant or unnecessary expenditures, which can significantly affect an organization's budget and financial planning.

Risk Management:

Unauthorized SaaS applications introduce unknown risks. Detecting and assessing these applications is essential for a comprehensive risk management strategy, ensuring that potential threats are identified and mitigated before they can impact the organization.

Also read: Avoid These 5 Common SaaS Attack Techniques

How to Find Shadow IT in Your Company

Discovering shadow SaaS accounts in your organization is a structured process that can be significantly streamlined with the use of Resmo. Follow these steps to set up Resmo and begin identifying unauthorized SaaS usage:

resmo registration page

Step 1. Create a Resmo Account

If you already have a Resmo account set in place, feel free to skip this step. For those who don’t, you can create a Resmo account for free in just a few minutes.

Step 2. Set up Directory

Directory setup for shadow IT discovery

Resmo provides different methods for discovering SaaS applications, one of which is directory integration with Azure Active Directory or Google Workspace, alongside a Chrome browser extension. Following the onboarding process in your Resmo app will guide you through setting up the directory to enable SaaS discovery. 

Step 3. Install the Chrome browser extension

SaaS Discovery can also be conducted using the Resmo browser extension on Chrome, in addition to or as an alternative to directory integration. The extension captures SaaS usage as employees interact with web-based applications using their business email addresses.

Inviting your employees to install the Resmo extension allows the tool to track the SaaS applications they access. (You can see the set up guide for details.) Once Resmo detects a login, the app and the user details will appear on your Apps dashboard. If the app is not authorized, it will be categorized under Shadow Apps.

Your IT team can then review each app to mark it as:

  • Authorized
  • Unauthorized
  • Ignored

Step 4. Connect ChatOps to let employees fix their own security issues

saas security chatops

Resmo identifies security issues across your organization’s SaaS applications, authorized or unauthorized. If you set up ChatOps, Resmo sends timely notifications to issue owners to fix security vulnerabilities in their accounts, increasing your IT and security team’s time management and efficiency.

To set up ChatOps for your Resmo account:

  • Go to Settings > ChatOps.
  • Select the channel you wish to send out notifications such as email, Slack, or Microsoft Teams.
  • Then, set the issue reminder frequency.
  • Done!

Managing Your SaaS in One Place

shadow IT discovery dashboard

After setting up your directory tools and having your employees install the Resmo Chrome extension, you'll begin to see all the SaaS apps used within your organization displayed on Resmo. That means you have successfully automated Shadow IT discovery for your workplace. You can view, authorize, unauthorize, revoke access to them. So, what's next?

  • Set up security policies to receive alerts if any setting in your SaaS apps goes against your security policies.
  • Automate regular SaaS risk assessments.
  • Analyze application usage and see upcoming SaaS renewals.
  • Continuously monitor and review.

Are All Your Team's SaaS Apps Approved?

shadow IT discovery

In any modern workplace, unauthorized SaaS accounts often creep into daily workflows. These shadow accounts, although unnoticed, can introduce critical security, compliance, and operational challenges. With Resmo's structured approach, organizations can not only discover but also efficiently manage these shadow accounts. By taking the steps described in this guide, businesses can be more confident in the SaaS tools their teams are using.

Don't be caught off guard; ensure that your team operates within a safe and compliant SaaS environment.

Need a hand getting started? Let us walk you through a demo. 🚀

Suggested reading:

Continue Reading

Sign up for our Newsletter