Shadow IT Expanding Within Federal IT Environments
August 07, 2015

Joel Dolisy
SolarWinds

Share this

Shadow IT and mobile device use continues to expand within federal IT environments, while some IT pros lack control and confidence in their ability to manage the accompanying security risks, according to a SolarWinds survey on the current state of government IT management and monitoring. The survey also found that adoption and benefits of IT shared services are overcoming organizational resistance.

Not Enough Leadership Focus on Shadow IT

While only 12 percent of respondents indicated that shadow IT — when IT systems and solutions are built and used inside organizations without explicit organizational approval — is an area of high importance and leadership focus in their agency, nearly six in ten (58%) expect the use of shadow IT to increase in the next two years.

■ Shadow IT ranked second among areas that IT departments have least control over in terms of management and monitoring

■ Only 13 percent of respondents are very confident in their ability to protect against the negative consequences of shadow IT

■ A majority of respondents (71%) indicate that security consequences are the biggest issue with shadow IT, followed by duplication of IT efforts (50%), lack of interoperability (37%) and lack of adequate performance monitoring (36%)

■ Organizations using management and monitoring tools are significantly more confident than those who do not in their ability to protect against the negative consequences of shadow IT

Low Confidence in Data Protection Persists

Thirty-six percent of respondents indicate that only agency-owned mobile devices are allowed to access to their systems, but 80 percent of respondents still believe that mobile devices pose a threat to their agency’s security and 35 percent don’t provide security training for mobile device users.

■ Only 25 percent of respondents are very confident in their agency’s ability to effectively protect their organization’s data

■ The majority of respondents utilize data encryption (65%), firewall rule audits (60%), mobile device wiping (55%), mobile application inventory and authorization (52%), and two-factor authentication to secure mobile devices (52%), but at least 35 percent of respondent haven’t fully implemented any of these solutions

■ Respondents indicated that securing both the application and the device (43%) was the most challenging aspect of mobile technology security followed by ensuring devices are not infected by malware (37%) and that data is not accessed by unauthorized users (36%)

IT Shared Services Gain Traction and Deliver Benefits

Despite perceived concerns that IT shared services would compromise security, performance and control, more than half of respondents see them as beneficial to all agency stakeholders, including IT department personnel, end users, agency leadership and citizens/constituents .

■ Respondents rated the key benefits of shared services as saving money by eliminating duplication (60%), achieving economies of scale (54%) and standardized IT services for consistent performance (52%)

■ More than 80 percent believe that either an internal shared services model or an outsourced private partnership is most likely to provide superior customer service versus no shared services

■ The biggest widespread adoption barriers for shared services include cultural resistance to change (56%), perceived decreased flexibility (37%) and lack of executive buy-in (37%)

Fully securing a federal IT environment will undoubtedly remain a key concern for IT pros, and as control issues creep in with shadow IT and the mass adoption of mobile devices, security is brought to the management forefront. Agency leaders must not only provide their IT pros with the right tools to maintain control and security of their infrastructure, but remain flexible in considering operational and organizational changes like IT shared services that can help institute agency-wide security protocols and more.

“SolarWinds’ study provides detailed insight into how federal IT pros are adapting, managing and assuring oversight as shadow IT, mobile technology and shared services continue to grow in their environments,” concludes Laurie Morrow, Director of Research Services, Market Connections, Inc. “This research reinforces that fully implementing multiple management, monitoring and security tools provides significantly more control and confidence throughout IT organizations in the wake of this change.”

Joel Dolisy is CIO and CTO at SolarWinds.

Share this

The Latest

February 22, 2018

Everyone wants to talk about how analytics is the future of network engineering and operations. The phrase "network analytics" is used by vendors of various stripes to imply that a particular technology is smarter and better than the average solution. But what is it? What does the term network analytics mean to the enterprise network infrastructure professionals? ...

February 21, 2018

Three out of four (76%) of organizations think IT complexity could soon make it impossible to manage digital performance efficiently, according to the Top Challenges Facing CIOs in a Cloud-Native World report from Dynatrace ...

February 20, 2018

The Global CIO Point of View report compiled by ServiceNow notes that 89 percent of organizations are either in the planning stages or are already taking advantage of machine learning. Nearly 90 percent of the CIOs surveyed anticipate that increasing automation will increase the speed and accuracy of decisions, and more than two-thirds believe that decisions made by machines will be more accurate than human-made decisions ...

February 16, 2018

The enterprise WAN is unable to keep up with digital transformation demands, according to Foundation for Digital Transformation, a new research report, authored by Ensemble IQ and supported by InfoVista. This challenge was universal across all three vertical industries surveyed — retail, manufacturing, and banking/financial services ...

February 15, 2018

Achieving optimum Java Virtual Machine (JVM) performance is key to ensuring proper memory management and fast application processing. According to a Cornell University study, a 1-millisecond improvement in the performance of a trading application can be worth $100 million a year to a major brokerage firm. Because of this potential for loss, IT teams owning banking, financial, trading and other Java-based applications place a high value on having a proper JVM monitoring strategy in place ...

February 13, 2018

APM had to evolve to keep pace with development velocity and maintain the service quality for the modern applications born out of digital transformation. Automation and artificial intelligence (AI) technologies are critical to the next step in APM evolution, helping to address speed, scalability and intelligence demands ...

February 12, 2018

A worldwide survey by Gartner, Inc. showed that 91 percent of organizations have not yet reached a "transformational" level of maturity in data and analytics, despite this area being a number one investment priority for CIOs in recent years ...

February 09, 2018

Mobile app performance is still a significant issue. In a new report from PacketZoom, The Effect of Mobile Network Performance on Mobile App Users, 66% of consumers said reliable mobile app performance is "very important" — second only to mobile app security ...

February 07, 2018

IT departments that shift from reactionary fire fighters to becoming proactive business partners find their ticket counts reduced from 20 to 50 percent or more. The strategies outlined in Part 1 of this blog may all sound like a great way to turn IT into a strategic, proactive business-enabler, but how can companies turn strategy into reality? The following are three best practices ...