Shining a Light on the Dark Side (and the Jedi Force) of Shadow IT

· Shadow IT

Strategies for uncovering and dealing with Shadow IT; and a healthy perspective on how it can actually be a good thing.

Shadow IT - you know it’s there. You can smell it. The stench of uncertainty, fear, and waste. If you know it, you know it.


Shadow IT is one of the most frustrating and ongoing challenges facing corporate IT, Finance and Procurement teams lately. And with the proliferation of SaaS in the workspace, it’s only growing. We hear from companies every day that they know it’s there and a problem, but have no idea how to tackle it. Is this reminding you of that spreadsheet you started a while back? When managing all of this is becoming your job, it can turn scary real quick.

So now what? In the wise words of our good friend Yoda, “Fear is the path to the dark side. Fear leads to anger. Anger leads to hate. Hate leads to suffering.” And ain’t nobody got time for that.

So we’ll cut to the chase, here’s what we’ve seen work amongst some of the brightest minds in modern IT.

Step 1: Admit there’s an opportunity, not just a problem.


IT is the most important function across the organization. You help people be faster, smarter, more efficient. And antiquated on-premise technology and locally deployed apps have (we think) set back many companies that have been in business for more than 10 years or so. We all know the (unfortunate and untrue) IT stereotypes, and one of our clients Erin Merchant at Envoy put it best. “It’s not my job to be a blocker. It’s my job to enable a large team of self-starters to do their best work.”

That’s the essential shift in perspective. It’s a fine balance to enable people, while maintaining security standards. But it’s not your job to block. “Many of the truths that we cling to depend on our point of view,” Yoda again.

Shadow IT can offer rich learnings on what’s working and not working. Imagine that moment when you see every single SaaS tool in use. When you discover new tools that more teams should use. That rockstar sales guy who’s always digging in to a new SaaS app. Maybe he’s actually on to something. Look at yourself as an enabler, not a blocker. Look at that SaaS sprawl as an opportunity to learn and help your company grow.

Step 2: Grab a flashlight

“In a dark place we find ourselves, and a little more knowledge lights our way.” - Yoda

Just get visibility of all the SaaS in play. Easy right? We help hundreds of companies with exactly that (insert shameless plug for SaaS Operations Management) like Instacart, Talkdesk, InVision, Toast, and more. Seriously though, SaaS Operations Management is the easiest and fastest way to integrate with your existing SSO (single sign-on) provider like Okta or OneLogin. Pairing that with all of your spend through an integration with NetSuite, Concur, etc. will give you that single source of truth. Because manually tracking this in a spreadsheet or through conversations with various departments isn’t going to cut it when the average organization of more than 300 employees has at least 150-300 SaaS apps currently in use. And from our experience, most IT Managers are only aware of 30-50% of those today.

Step 3: Look for patterns and performers

One misstep we often see is judging the effectiveness of a tool by its license volume and costs. We firmly disagree with Han when he said, “It’s best to let the wookie win.” At least in this context. Look deeper for patterns within your licensing. Don’t assume because a massive tool or app ecosystem is in place that it’s the right one.

What are the adoption rates within groups of users? Are there star performers on the sales team who are using a new tool (e.g. Vidyard, Sendoso, etc.) that the bottom performers aren’t? Is there a trend in adoption rates and higher usage compared to approved platforms? If you’re trying to push Microsoft Teams but the trend and engagement with Slack is much higher amongst your star employees… it’s probably a battle you’re not going to win. HR has employee retention goals, FYI. And being overly invested in an ecosystem of tools isn’t an excuse for pushing something that’s not helping people do their jobs better.

Are there new tools popping up through trials or in disparate ways in different departments? That little guy could offer a breakthrough to a workplace challenge or collaboration gap that currently exists.



Step 4: Stop, collaborate and listen. IT’s back with a brand new vision.

I’m here all week. But seriously, make friends with those who can make your job easier. Who is also concerned about shadow IT? You’re likely already in a reactive mode with Finance, Legal, Procurement and other departments who need information and support from you. Think of yourselves as one team. Even friends, maybe. Alignment is critical to everyone being happy and more productive - so get your data together (yes, theirs too) ASAP. It doesn’t have to be a perfect dashboard or workflow, but the sooner you have a shared view the faster you’ll get ahead on SaaS renewals, contract negotiations, SSO and SAML (security assertion markup language) protocols, etc. We see companies having the most success with these particular data points. Whether nailing a shared spreadsheet and macros or a quick integration with a tool like Intello:

  • Overlay spend with usage
  • Shared renewals calendar and reminders
  • Centralize contract and security questionnaires
  • Ensure all stakeholders have reviewed new applications
  • Collaborate to identify redundancies in your SaaS stack
  • Etc

“You will only find what you bring in” - Yoda

Step 5: Change management is real

Preaching to the choir here, change management is a real thing and you deal with it every day. It’s a survival mechanism for people to hate change, but sometimes it’s necessary. Don’t give up when things get ugly when you suggest a new tool or have to shut down access for a rogue SaaS experimenter.

“If you end your training now - if you choose the quick and easy path as Vader did - you will become an agent of evil.” - Yoda

You don’t have to be an agent of evil either. Lean on that shared data. Most often being patient and personal with someone or a team, (backed up by data) will smooth things over. Your staff are reasonable people and when you calmly explain that the app they love now has access to their email, calendars, contacts, mother’s birthday alert, dog photos, and whatever else, they’ll very quickly understand why it’s gotta go.

Step 6: Maintain change

Cool, so you have a clear look at all of the SaaS licenses, usage, spend, renewals and security gaps. Keep it up! How can all of this work for you? Feel the force! Look for ways to integrate your new knowledge with employee onboarding. Build your case for enforcing SSO (that’s a whole blog on its own.) Provide visibility on all of the SaaS in use to employees themselves and gain their involvement in selection and renewals of a single tool. The role of IT is no longer helping the marketing team use the conference room projector (god willing.) Your role is to equip and support your company through constant growth and change, and thinking about that every day will expand your impact.



So I’ll leave you with this final thought from the wise one. “Difficult to see. Always in motion is the future.” And also the inspirational words of Han Solo, “What an incredible smell you’ve discovered!”