Shadow IT Expanding Within Federal IT Environments
August 07, 2015

Joel Dolisy
SolarWinds

Share this

Shadow IT and mobile device use continues to expand within federal IT environments, while some IT pros lack control and confidence in their ability to manage the accompanying security risks, according to a SolarWinds survey on the current state of government IT management and monitoring. The survey also found that adoption and benefits of IT shared services are overcoming organizational resistance.

Not Enough Leadership Focus on Shadow IT

While only 12 percent of respondents indicated that shadow IT — when IT systems and solutions are built and used inside organizations without explicit organizational approval — is an area of high importance and leadership focus in their agency, nearly six in ten (58%) expect the use of shadow IT to increase in the next two years.

■ Shadow IT ranked second among areas that IT departments have least control over in terms of management and monitoring

■ Only 13 percent of respondents are very confident in their ability to protect against the negative consequences of shadow IT

■ A majority of respondents (71%) indicate that security consequences are the biggest issue with shadow IT, followed by duplication of IT efforts (50%), lack of interoperability (37%) and lack of adequate performance monitoring (36%)

■ Organizations using management and monitoring tools are significantly more confident than those who do not in their ability to protect against the negative consequences of shadow IT

Low Confidence in Data Protection Persists

Thirty-six percent of respondents indicate that only agency-owned mobile devices are allowed to access to their systems, but 80 percent of respondents still believe that mobile devices pose a threat to their agency’s security and 35 percent don’t provide security training for mobile device users.

■ Only 25 percent of respondents are very confident in their agency’s ability to effectively protect their organization’s data

■ The majority of respondents utilize data encryption (65%), firewall rule audits (60%), mobile device wiping (55%), mobile application inventory and authorization (52%), and two-factor authentication to secure mobile devices (52%), but at least 35 percent of respondent haven’t fully implemented any of these solutions

■ Respondents indicated that securing both the application and the device (43%) was the most challenging aspect of mobile technology security followed by ensuring devices are not infected by malware (37%) and that data is not accessed by unauthorized users (36%)

IT Shared Services Gain Traction and Deliver Benefits

Despite perceived concerns that IT shared services would compromise security, performance and control, more than half of respondents see them as beneficial to all agency stakeholders, including IT department personnel, end users, agency leadership and citizens/constituents .

■ Respondents rated the key benefits of shared services as saving money by eliminating duplication (60%), achieving economies of scale (54%) and standardized IT services for consistent performance (52%)

■ More than 80 percent believe that either an internal shared services model or an outsourced private partnership is most likely to provide superior customer service versus no shared services

■ The biggest widespread adoption barriers for shared services include cultural resistance to change (56%), perceived decreased flexibility (37%) and lack of executive buy-in (37%)

Fully securing a federal IT environment will undoubtedly remain a key concern for IT pros, and as control issues creep in with shadow IT and the mass adoption of mobile devices, security is brought to the management forefront. Agency leaders must not only provide their IT pros with the right tools to maintain control and security of their infrastructure, but remain flexible in considering operational and organizational changes like IT shared services that can help institute agency-wide security protocols and more.

“SolarWinds’ study provides detailed insight into how federal IT pros are adapting, managing and assuring oversight as shadow IT, mobile technology and shared services continue to grow in their environments,” concludes Laurie Morrow, Director of Research Services, Market Connections, Inc. “This research reinforces that fully implementing multiple management, monitoring and security tools provides significantly more control and confidence throughout IT organizations in the wake of this change.”

Joel Dolisy is CIO and CTO at SolarWinds.

Share this

The Latest

May 23, 2024

Hybrid cloud architecture is breaking the backs of network engineering and operations teams. These teams are more successful when their companies go all-in with the cloud or stay out of it entirely. When companies maintain hybrid infrastructure, with applications and data residing across data centers and public cloud services, the network team struggles. This insight emerged in the newly published 2024 edition of Enterprise Management Associates' (EMA) Network Management Megatrends research ...

May 22, 2024

As IT practitioners, we often find ourselves fighting fires rather than proactively getting ahead ... Many spend countless hours managing several tools that give them different, fractured views of their own work — which isn't an effective use of time. Balancing daily technical tasks with long-term company goals requires a three-step approach. I'll share these steps and tips for others to do the same ...

May 21, 2024

IT service outages are more than a minor inconvenience. They can cost businesses millions while simultaneously leading to customer dissatisfaction and reputational damage. Moreover, the constant pressure of dealing with fire drills and escalations day and night can take a heavy toll on ITOps teams, leading to increased stress, human error, and burnout ...

May 20, 2024

Amid economic disruption, fintech competition, and other headwinds in recent years, banks have had to quickly adjust to the demands of the market. This adaptation is often reliant on having the right technology infrastructure in place ...

May 17, 2024

In MEAN TIME TO INSIGHT Episode 6, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA discusses network automation ...

May 16, 2024

In the ever-evolving landscape of software development and infrastructure management, observability stands as a crucial pillar. Among its fundamental components lies log collection ... However, traditional methods of log collection have faced challenges, especially in high-volume and dynamic environments. Enter eBPF, a groundbreaking technology ...

May 15, 2024

Businesses are dazzled by the promise of generative AI, as it touts the capability to increase productivity and efficiency, cut costs, and provide competitive advantages. With more and more generative AI options available today, businesses are now investigating how to convert the AI promise into profit. One way businesses are looking to do this is by using AI to improve personalized customer engagement ...

May 14, 2024

In the fast-evolving realm of cloud computing, where innovation collides with fiscal responsibility, the Flexera 2024 State of the Cloud Report illuminates the challenges and triumphs shaping the digital landscape ... At the forefront of this year's findings is the resounding chorus of organizations grappling with cloud costs ...

May 13, 2024

Government agencies are transforming to improve the digital experience for employees and citizens, allowing them to achieve key goals, including unleashing staff productivity, recruiting and retaining talent in the public sector, and delivering on the mission, according to the Global Digital Employee Experience (DEX) Survey from Riverbed ...

May 09, 2024

App sprawl has been a concern for technologists for some time, but it has never presented such a challenge as now. As organizations move to implement generative AI into their applications, it's only going to become more complex ... Observability is a necessary component for understanding the vast amounts of complex data within AI-infused applications, and it must be the centerpiece of an app- and data-centric strategy to truly manage app sprawl ...