For organisations that feel like they are fighting a losing battle with the security risks associated with shadow IT, you have to ask yourself – what does controlled enablement actually look like today?
Using your IT department to control employee activity to reduce security risks across your network isn’t a new request, but the mantra that IT needs to operate by now is “quid pro quo”.
New tools and apps can be brought into the corporate environment, provided (though without being an obstacle) certain guidelines and standards are adhered to. This will minimise the risk of cybercrime and is more proactive than demanding approval is sought from IT, but instead more akin to the mindset of providing a corporate app store.
For every daily function, IT should provide a selection of apps or platforms for employees to pick and choose from. To be of practical and safe use, the options provided have to offer variation in their interface and use in order to prevent the principle trigger for employees doing their own thing – poor user experience.
From an IT department’s perspective, they of course also require interoperability and compatibility. However, the success of these platforms will often depend on creating a single sign on experience, allowing employees to gain access to all systems without being prompted to log in again at each of them as they inevitably switch from one environment to another.