By Dinesh Varadharajan, CPO, Kissflow

Shadow IT is now a critical issue faced by many enterprises. It creeps into organizations as business users look for agile technology to meet their needs without the consent of their IT teams. It can begin from a seemingly innocuous action, like using one’s cellular data to access a work-related document to something far more serious, like an entire team using an unapproved chat messenger to exchange files, notes, and even confidential conversations simply because it is faster and more convenient.

Left unchecked, the issues associated with shadow IT can rapidly compound over time. It introduces security threats into the networks and creates scalability issues. This makes it extremely challenging to maintain a balance between IT’s mandate to manage enterprise risk and the business department’s constant requirement of productivity and efficiency.

The rise of low-code in a COVID-19 world
Report: Digital transformation initiatives boost revenue, cut costs

Why shadow IT thrives

While shadow IT has been a decades-old inconvenience for IT teams, the proliferation of sophisticated devices and smart applications in recent years has greatly exacerbated the issue, turning it into a considerable challenge. Thousands of employees, especially those in a remote work setup, may be exposed to security vulnerabilities they know nothing about because they use apps and devices without IT’s sanctions and regulations.

The pandemic’s effect on digitalization and the struggle for digitalization in Asia-Pacific are among the major drivers of shadow IT. Out of 800 business leaders in the region surveyed by Baker McKenzie, only 18% expressed that their digitalization efforts are on track. The survey also found that tech-related regulatory compliance and enforcement would become more vigorous in times to come, as regulatory investigations topped the list of technology-related risks. This presents the urgency to address the issues of shadow IT and recognize the risks therein.

The problem that emerges is twofold. One, IT has little control over the costs associated with such technology. It will forever be in a fire-fighting mode to shut down unapproved apps and control leakages after they happen. Two, the disconnect and discontent between IT and business grows ever larger. In a Deloitte survey, only 41% of companies in APAC were found to be ready to tackle the high levels of technological disruption in the next four years. This proves that businesses in APAC evidently need to bridge the disconnect between IT and business so that they may adapt to the rapid disruption in technology.

Tackling shadow IT with low-code

(Eighty percent) 80% of workers admit to using SaaS (Software-as-a-Service) applications at work without IT approval. What IT needs to do to tackle this is to own the users’ challenges and stay in continuous sync with department heads. Regular, clear communications and asking pertinent questions can help keep tabs on what’s happening at a high level. For instance, the IT leader may want to know if there are processes and workflows that can be improved for business users. Is any team using an unapproved app like Messenger or a project management tool? The idea is not to shut down the team, but to provide them with alternate, secure solutions. One way to do this is by providing users with self-service tools to create their own reports, set up dashboards, or even build apps specific to their challenges.

Low code can play a strategic role here. It provides a secure sandbox to business users and citizen developers. Its visual programming features provide immense flexibility so users can build whatever they want without turning to off-the-shelf apps available on the market.
Apps built using low-code platforms are secure and can be scaled reliably. A simple application built by a citizen developer can be turned into an enterprise-wide solution by the IT professional for mass adoption. This encourages widespread usage since such an application has been built by those who are the closest to the problems that the app seeks to resolve.

The ability to use a platform for prototyping and generating a workflow or even an entire application for production encourages dialogue between the IT team and business users. This is the kind of collaboration necessary to combat the problem of shadow IT.

Bridging the gap

The reason why shadow IT exists is because of a disconnect that exists between IT’s priorities and the business user’s needs. In such an environment it is easy for silos to creep in with each business unit running its own IT show — placing the organization’s security in danger and inflating IT costs.

Successful organizations can spot an opportunity here. IT can become a source of empowerment that collaborates with business users and actively supports citizen development. With a low-code platform, an ecosystem can be created where innovation and creativity thrive, where solutions are more agile and responsive to the dynamic needs of both the users and the market conditions. Only then will Digital Transformation efforts truly spell success.

Kissflow is a work management platform built on a low-code/no-code paradigm used by more than 15,000 customers across 160 countries.