Mitigating the Risks of Shadow IT: Empowering Users with the Right Tools and Training
It's not a common occurrence, but last week, I engaged in a heated discussion regarding the IT department's responsibility to provide the appropriate tools to all business users. Whether it's analytic tools or AI solutions, preventing shadow IT hinges on IT's ability to deliver these resources and training promptly.
In my experience within the banking sector, the proliferation of shadow IT and shadow AI has emerged as a significant challenge. These practices, where employees utilize unauthorized IT resources or AI solutions, often arise from a need to fill gaps in the official offerings of the financial institution. A 2021 Gartner report indicates that shadow IT can account for 30% to 40% of IT spending in large enterprises, underscoring the scale of the issue.
I recall several instances where ambitious teams deployed new functionalities from external vendors to improve, e.g., customer profiling or risk assessment. While the results were positive, the lack of integration with core systems led to inconsistencies in data handling and reporting. This mirrors findings from a McKinsey study, which noted that shadow AI efforts often misalign with a company's overall IT strategy, leading to fragmented implementations.
To address these issues, any IT department must proactively enable all users with appropriate tools and platforms. By providing robust, flexible, and secure IT solutions that meet diverse departmental needs, reliance on shadow IT and shadow AI must be reduced. This approach not only enhances productivity but also ensures adherence to data governance, security, and compliance standards.
Furthermore, investing in user training and support across the organization for these tools ensures that employees can fully utilize the provided resources without seeking unsanctioned alternatives.
In conclusion, by equipping users with the right tools and fostering collaboration between departments and IT, the risks associated with shadow IT and shadow AI must be mitigated. This not only enhances operational efficiency but also strengthens security and compliance posture, aligning with industry best practices and regulatory requirements.
Published in SundayThoughts, technology, risk, all on 18.08.2024 9:40 Uhr. 0 comments • Comment here