Shadow IT Expanding Within Federal IT Environments
August 07, 2015

Joel Dolisy
SolarWinds

Share this

Shadow IT and mobile device use continues to expand within federal IT environments, while some IT pros lack control and confidence in their ability to manage the accompanying security risks, according to a SolarWinds survey on the current state of government IT management and monitoring. The survey also found that adoption and benefits of IT shared services are overcoming organizational resistance.

Not Enough Leadership Focus on Shadow IT

While only 12 percent of respondents indicated that shadow IT — when IT systems and solutions are built and used inside organizations without explicit organizational approval — is an area of high importance and leadership focus in their agency, nearly six in ten (58%) expect the use of shadow IT to increase in the next two years.

■ Shadow IT ranked second among areas that IT departments have least control over in terms of management and monitoring

■ Only 13 percent of respondents are very confident in their ability to protect against the negative consequences of shadow IT

■ A majority of respondents (71%) indicate that security consequences are the biggest issue with shadow IT, followed by duplication of IT efforts (50%), lack of interoperability (37%) and lack of adequate performance monitoring (36%)

■ Organizations using management and monitoring tools are significantly more confident than those who do not in their ability to protect against the negative consequences of shadow IT

Low Confidence in Data Protection Persists

Thirty-six percent of respondents indicate that only agency-owned mobile devices are allowed to access to their systems, but 80 percent of respondents still believe that mobile devices pose a threat to their agency’s security and 35 percent don’t provide security training for mobile device users.

■ Only 25 percent of respondents are very confident in their agency’s ability to effectively protect their organization’s data

■ The majority of respondents utilize data encryption (65%), firewall rule audits (60%), mobile device wiping (55%), mobile application inventory and authorization (52%), and two-factor authentication to secure mobile devices (52%), but at least 35 percent of respondent haven’t fully implemented any of these solutions

■ Respondents indicated that securing both the application and the device (43%) was the most challenging aspect of mobile technology security followed by ensuring devices are not infected by malware (37%) and that data is not accessed by unauthorized users (36%)

IT Shared Services Gain Traction and Deliver Benefits

Despite perceived concerns that IT shared services would compromise security, performance and control, more than half of respondents see them as beneficial to all agency stakeholders, including IT department personnel, end users, agency leadership and citizens/constituents .

■ Respondents rated the key benefits of shared services as saving money by eliminating duplication (60%), achieving economies of scale (54%) and standardized IT services for consistent performance (52%)

■ More than 80 percent believe that either an internal shared services model or an outsourced private partnership is most likely to provide superior customer service versus no shared services

■ The biggest widespread adoption barriers for shared services include cultural resistance to change (56%), perceived decreased flexibility (37%) and lack of executive buy-in (37%)

Fully securing a federal IT environment will undoubtedly remain a key concern for IT pros, and as control issues creep in with shadow IT and the mass adoption of mobile devices, security is brought to the management forefront. Agency leaders must not only provide their IT pros with the right tools to maintain control and security of their infrastructure, but remain flexible in considering operational and organizational changes like IT shared services that can help institute agency-wide security protocols and more.

“SolarWinds’ study provides detailed insight into how federal IT pros are adapting, managing and assuring oversight as shadow IT, mobile technology and shared services continue to grow in their environments,” concludes Laurie Morrow, Director of Research Services, Market Connections, Inc. “This research reinforces that fully implementing multiple management, monitoring and security tools provides significantly more control and confidence throughout IT organizations in the wake of this change.”

Joel Dolisy is CIO and CTO at SolarWinds.

Share this

The Latest

September 22, 2017

UK businesses have attained high levels of business-IT alignment in of all sizes, with IT pros demonstrating strong business understanding and business pros exhibiting strong IT knowledge to increase business performance, according to a new survey by ManageEngine ...

September 21, 2017

The increased complexity of new computing architectures coupled with new application development methodologies – especially in the face of time-to-market and security threat pressures – should make secure UX the first strategic decision for CEOs and CFOs on the path to digital transformation ...

September 19, 2017

IT professionals tend to go above and beyond the scope of their core responsibilities as the changing business landscape demands more of their attention, both inside and outside of the office, according to the Little-Known Facts survey conducted by SolarWinds in honor of IT Professionals Day ...

September 18, 2017

Digital video consumption is viral and, according to a new study released by IBM and International Broadcasting Convention (IBC), more than half of the 21,000 consumers surveyed are using mobiles every day to watch streaming videos, and that number is expected to grow 45 percent in the next three years ...

September 15, 2017

No technology that touches more than one IT stakeholder, no matter how good and how transformative, can deliver its potential without attention to leadership, process considerations and dialog. In this blog, I'd like to share effective strategies for AIA adoption ...

September 14, 2017

Enterprise IT environments are becoming more heterogeneous and complex, with fragmentation permeating cloud infrastructure, tooling and culture, according to a survey recently conducted by IOD Cloud Technologies Research in partnership with Cloudify ...

September 12, 2017

One area that enables enterprises to reduce complexity and streamline operations is their virtual desktop infrastructure (VDI). Virtualization is a linchpin of digital transformation and effectively optimizing an enterprise's VDI is essential to moving forward with digital technologies. Delivering the best possible VDI performance means taking a fresh look at what "desktop" means today. The endpoint, or desktop, now can be a physical thin client, a software-defined thin client, a traditional laptop, a phone or tablet. To reduce operational waste and achieve better performance across the desktop environment, consider these five actions ...

September 11, 2017

In incident management, we often overlook the simple things in favor of trying to do too much, too soon. Why not make sure we've done the fundamentals properly? ...

September 08, 2017
For our Advanced IT Analytics (AIA) Buyer's Guide, we interviewed more than 20 deployments to help us better assess vendor strengths and limitations. So given the abundance of riches to work with, I've decided to illustrate several of the more prominent AIA benefit categories with actual real-world comments ...
September 07, 2017

The Input/Output Operations per Second (I/O) capabilities of modern computer systems are truly a modern wonder. Yet no matter how powerful the processors, no matter how many cores, how perfectly formed the bus architecture, or how many flash modules are added, somehow it never seems to be enough ...