Shadow IT Statistics to Know in 2024
The use of SaaS is rapidly increasing, and employees are opting for new SaaS tools due to their ease of use and productivity. This, along with the shift towards remote work and BYOD policies, has further increased shadow IT and SaaS sprawl.
BYOD refers to using one's personally owned device instead of being required to use an officially provided device.
However, some companies are unaware of the Shadow IT concept and fail to implement any security requirements, which can lead to malicious actors gaining unauthorized access to sensitive company data and compromising system integrity.
To emphasize the importance of this matter, we have compiled some interesting statistics on Shadow IT.
Suggested Reading: Most Common Sources of Shadow IT
Shadow IT Statistics
Prevalence and Impact of Shadow IT
- Approximately 85% of businesses worldwide have encountered cyber incidents in the past two years, with 11% due to unauthorized shadow IT usage.
- 60% of organizations fail to include Shadow IT in their threat assessments.
- 58% of companies feel their SaaS security solutions inadequately cover their SaaS environment.
Resmo's Shadow IT App Discovery helps organizations comprehensively track all SaaS applications with the amalgamation of browser and API data, ensuring precise detection without the risk of false positives.
- According to BetterCloud’ report, about 65% of SaaS apps are unsanctioned, and used without IT approval.
- Gartner estimates that 30-40% of large companies' IT expenditure is shadow IT.
- Only 12% of IT departments can keep up with new technology requests, leading to backlog issues.
- Nearly 1 in 2 cyberattacks stem from shadow IT, and the costs to fix them average more than $4.2 million.
Shadow IT and Employee Behavior
- 80% of employees use SaaS apps without IT approval, leaving the corporate network open to security threats.
- Nearly 42% of employees have used personal email, while 38% use personal messaging platforms for work discussions.
- 58% of IT managers and 65% of remote workers before the pandemic are using unapproved tools.
- Despite increased technology investment, only 42% of employees are fully satisfied with their employer's tools.
- 85% of employees think their activities are monitored, yet they still use unsanctioned tools.
- Shadow IT cloud usage is estimated to be ten times the size of known cloud usage.
- One in three employees bypass company security policies to complete their tasks.
Trends and Perspectives on Shadow IT
- 77% of IT professionals see potential benefits in embracing shadow IT.
- 28% of IT leaders use SaaS management tools to monitor shadow IT.
- 59% express concerns about IT spending and cost overruns due to shadow IT.
- Approximately 20-40% of enterprise technology funding occurs outside the IT department.
- Around 21% of organizations lack a policy for the adoption of new technology.
Statistics on SaaS and Cloud Services
- 65% of all SaaS apps are unsanctioned, meaning they are being used without the knowledge or approval of the IT department.
- The average company has 975 unknown and 108 known cloud services.
- Enterprises use 270 to 364 SaaS applications on average, with 52% being unsanctioned.
- 67% of employees at Fortune 1000 companies utilize unapproved SaaS applications.
Security Risks and Challenges
- Shadow IT usage has increased by 59% with remote work, raising data breach risks.
- In 2023, 41% of enterprise employees used technology outside of IT oversight.
- Over 5 billion malicious requests targeted unmanaged corporate APIs in 2022.
- 15.8% of files in cloud-based services contain sensitive data.
- In 2022, the SEC fined Wall Street firms $1.1 billion for using shadow IT communication tools.
Future Predictions and Strategies
- Gartner predicts that by 2025, 70% of Shadow IT will be managed using PaaS capabilities.
- By 2027, 75% of employees will use technology outside of IT oversight.
CISOs also need to look up from their daily challenges and scan the horizon to see what’s coming down the track that might impact their security programs in the next couple of years.
- 69% of tech executives view Shadow IT as a top security concern, with 59% struggling with SaaS sprawl.
Reasons Behind Shadow IT Usage
Although Shadow IT can be a challenge for an organization, it is often adopted for reasons that are very rational from the employee's point of view.
- 91% of teams feel pressured to prioritize business operations over security.
- Employees are increasingly relying on web-based SaaS and tools for work.
- Slow IT response times drive 38% of employees towards shadow IT.
- It is common for employees to be dissatisfied with the tools and applications provided by their organization. In fact, 61% of employees are not completely satisfied with the technologies their company provides.
- Shadow IT usage has increased due to remote and hybrid work, with 65% of remote workers using non-approved tools. While working remotely, 39% of IT managers find assisting employees in resolving IT issues extremely challenging. Meanwhile, 24% of non-IT employees struggle with solving IT issues.
Wrap-up
Given the increasing trend of SaaS adoption and its impact on business operations and security, it's essential to track the adoption and permissions granted to these tools, along with other security configurations that may threaten business integrity and security. However, it's almost impossible to expect someone to achieve this error-free, with every corner covered. Therefore, a monitoring tool would greatly benefit the company and ensure error-free processes in real-time.
Resmo offers capabilities like Shadow IT Discovery, SaaS Risk Assessment, and Security Risk Remediation that can help IT teams take proactive steps to mitigate the risks posed by Shadow IT.
With Resmo, IT teams can rest assured that they can discover Shadow IT and take appropriate steps to address its associated risks.
Ready to see if your organization has Shadow IT? Try Resmo for free.
Keep on Reading
