The term "shadow IT" is increasingly dominating the media, especially in connection with the topics of digital transformation, consumerization and IT security. But what is actually hidden behind this term? Which drivers lead to the development of shadow IT? And what does research say - is shadow IT good or bad? We want to report on this in our blog series "Shadow IT – The Background". First, let’s talk about the definition of shadow IT!

Usually, IT departments have a certain number of core systems (office IT, ERP systems, etc.) that have officially been implemented within a company-wide information management system. In contrast, the concept of shadow IT describes IT systems, which business departments and end users introduce by themselves without involving the IT department or the top management. Shadow IT is not included in the IT management of the company and therefore neither strategically planned nor embedded in the enterprise architecture. [1]

Thus, the employees in the business departments buy software or hardware, start developing own application programs or use Excel or Access to create their own applications. They also book software-as-a-service solutions and cloud offerings on the Internet. They do not, however, implement shadow IT from boredom. Instead, they want to increase their work performance with IT to become faster and more flexible. They use and operate shadow IT in their business processes.

Similar and related terms that describe the phenomenon are "Hidden IT", "Feral systems" and non-transparent types of End User Computing (EUC).

Major overlaps exist to the workaround phenomenon, where employees “work” around the given work system to achieve their own goals [2]. This can range from deviations in organizational processes and an unintentional use of an IT system (for example, an e-mail mailbox as a chat program) to the implementation of own shadow IT.

Shadow IT is not a new phenomenon. It exists almost since the introduction of IT into corporate organizations. A first boost can be seen at the end of the 80s / early 90s with the emergence of solutions that enable end users to create own applications without the need for great programming knowledge. This includes, for example, Excel or Access. Originally welcomed by the top management in order to save resources while implementing IT, many of the resulting applications have drifted into the unknown and thus into the shadows over time.

Today, there are new drivers that show the importance of the phenomenon. Considering IT providers, software-as-a-service solutions and the cloud facilitate access to shadow IT. IT vendors often turn directly to business departments to sell their solutions. Considering IT consumers, the user behavior has also developed further. Today, users – digital natives and immigrants – are much more IT savvy. They know smartphones and IT from their daily lives, are used to fast release cycles and transfer these expectations to the IT in the company. If this flexibility cannot be achieved by the IT department, they will use shadow IT.

The background of shadow IT emergence is complex. In the second part of our blog, we will discuss why business departments and users decide to implement shadow IT.


Author: Dr. Stephan Zimmermann