14 potential costs of shadow IT

Buying specialized technology. Various systems are available that can identify and track suspicious IT activities in a firm’s technology infrastructure. IT can source these through internet searches and in some cases through vendors, such as cloud service firms. Companies may also need additional software licenses, maintenance, patching and vendor technical staff as a result of shadow IT damages and efforts to deal with them.

Dismantling shadow IT activities. Once technology teams identify egregious shadow IT activities, they need to shut down activity as soon as possible, or perhaps move into an operating environment securely firewalled from other IT production systems, depending on company policy.

Reconfiguring disrupted or compromised network resources. Reconfiguring affected network routing and termination points can be costly and can include repairing or replacing servers, switches, routers, power systems and other assets.

Addressing data center infrastructures issues. Organizations with large data centers must proactively ensure the integrity of those centers. More critically, they must address disruptions to physical security systems as quickly as possible to prevent unauthorized access. Hiring vendors and consultants may also be a part of this.

In addition to all of the costs mentioned above, shadow IT opens up vulnerabilities and increases the likelihood of ransomware costs and other information security issues.

About the author
Paul Kirvan is an independent consultant/IT auditor and technical writer, editor and educator with more than 25 years of experience in business continuity, disaster recovery, security, enterprise risk management, telecom/IT auditing and over 30 years of experience in technical writing/editing, technical training and public speaking.