Shadow IT, also known as rogue IT or shadow accounts, refers to the use of software, applications, or IT services outside the control or supervision of the company's IT team. This can occur when an employee uses an unapproved third-party application or when they use cloud services without authorization.
The installation of software or applications not approved by the IT department may be due to users' ignorance of the company's internal rules and the desire to use relevant software in their professional practice, or with the aim of harming the company by circumventing restrictive information policies.
It presents risks to the company's security and compliance, and it is important to monitor and manage it to ensure the security of company data. Solutions installed outside the IT framework are not subject to company protocols or rules.
In addition, free or even paid solutions are not protected in the same way by the IT department and their costs can be significant because the contracts for these solutions are not negotiated by the users.