Microsoft recently posted 3 ways to outsmart shadow IT, which talks some technology ways that CIOs can fight against Shadow IT (when employees use technologies not provided/controlled by the company to do their work, such as Dropbox or Gmail).
While security of company information is incredibly important, and Shadow IT must be controlled; it’s important to think of Shadow IT as not just something the Office of the CIO must fight against — Shadow IT should also illuminate areas where a company’s IT infrastructure isn’t supporting the needs of its employees well.
The IT Department should prioritize areas of frequent Shadow IT higher in their backlog to provide more capability — solve the root problem, not the symptoms
If employees frequently resort to shadow IT for project planning, or file transfer, or real-time document collaboration; the CIO team should consider not just email blasts, training, and security monitoring; they should also be considering getting additional capabilities out to their employees in that domain. If it’s not obvious why a type of Shadow IT is persistent, think about asking ‘Why?’ five times to dig into the real reason people keeping trying to circumvent company tools.