IAM glossary
Shadow it

What is a shadow it?

Shadow IT, also known as phantom computing or ghost accounts, refers to the use of software, applications or IT services outside the control or supervision of the corporate IT team. This can occur when an employee uses an unapproved third-party application or uses cloud services without authorization.

The installation of software or applications not approved by the IT department may be due to users' ignorance of the company's internal rules and the desire to use software relevant to their professional practice, or with the aim of harming the company by circumventing restrictive information policies.

It poses risks to corporate security and compliance, and must be monitored and managed to ensure the security of corporate data. Solutions installed outside the IT framework are not subject to corporate protocols and rules.

What's more, free or even pay-as-you-go solutions are not protected in the same way by the IT department, and their costs can be significant because the contracts for these solutions are not negotiated by the users.

You may also be interested in these definitions:

Find out how to manage your users and their access