In this article
You might like
No items found.
Spending made smarter
Easy-to-use cards, spend limits, approval flows, vendor payments —plus an average savings of 5%.1
4.8 Rating 4.8 rating
Error Message
No personal credit checks or founder guarantee.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Get fresh finance insights, monthly
Time and money-saving tips,
straight to your inbox
4.8 Rating 4.8 rating
Thanks for signing up
Oops! Something went wrong while submitting the form.
Table of contents

Direct purchasing of SaaS applications and other non-approved software by employees is making it impossible to protect some organizational data, according to almost half of all executives surveyed in a recent poll. 

The IBM/Forbes report also revealed that 60 percent of organizations exclude this problem—known as shadow IT—from their cybersecurity assessments. Unfortunately, the implications of this problem can be quite disastrous, including everything from data loss risks to unaccounted for spending.

What is shadow IT?

Shadow IT is the use of unauthorized or non-standard information technology solutions in organizations. Because software is so easy for anyone to acquire, employees can easily buy and use hardware and SaaS applications without notifying IT or obtaining budget approval.

What are the risks of shadow IT?

1. No oversight into spend

This is a big headache for finance teams and IT managers alike. Without accurate knowledge of IT spending, your finance team can’t brief the executive team with a full picture so they can make important decisions about IT resourcing. And as every modern business leader knows, IT touches every part of the business. When it’s not in good shape, this can create cascading problems across other departments. 

2. IT redundancies and security risks

Shadow IT users may source new applications that overlap with existing solutions in your environment that IT has approved. Not only does this create redundancies across your cloud-first environment, but IBM reports that 46% of IT leaders believe that the purchase of unsanctioned software “makes it impossible to protect all their organization’s data”. 

3. Data silos 

Data needs to be a team sport. If your key people don’t have access to the same data about your operations, performance, and service levels then how can you make the right decisions together as a team? Data silos are one of the most pernicious outcomes of shadow IT, because they grow over time and can become harder and harder to cut back once they do.

4. Stranded financial data

Disorganized and disparate data is not just an in-house problem. As reported in CIO Magazine, shadow IT creates confusion across financial reporting systems, which puts your organization at risk for additional audit fees and SOX violations.

What causes shadow IT?

Employees tend to engage in shadow IT so that they can bypass the often slow and bureaucratic security policies created and enacted by the company's IT department. But there are myriad causes of shadow IT, which can include: 

1. Internal frustration with IT services

Many employees turn to shadow IT out of frustration. This can happen when:

  • An IT department is too slow to respond to service requests
  • An IT department is hindered by legacy software that doesn't have the needed functionality
  • An IT department isn’t providing modern solutions to the problems 

2. The business or finance team has not set a clear IT expense policy

Many companies will have a budget set aside for software that fits the needs of each department. Unfortunately, some businesses lack an open policy that regulates how employees purchase and use devices and third-party apps. Others may have policies that are too strict, where they restrict access to useful solutions. This can bury the IT and accounting department in requests, approvals, and busywork. Along with these points, if there is oversight in creating an expense policy for IT, the following can happen:

  • Budgets get misused since there aren’t clear policies established. 
  • Businesses can face a surge in unapproved software 
  • IT becomes consumerized in a way that makes shadow IT more attractive to employees. 

3. Sign-offs and reimbursement are chaotic

Chaotic expense policies and reimbursement policies can be just as problematic as non-existent ones. If it’s too hard for a self-starting employee to get approval for a useful solution, then they’re going to take matters into their own hands. This can create a big issue for finance teams, where shadow IT casts an ever-growing darkness over expenditure that just can’t be seen until it reaches a crisis point. 

4. Finance lacks control over IT spending

When employees are unsure if there are funds to pay for a new computer or other necessary expenses, employees will look for other options— and this can lead to maverick spend. Without a solid expense policy, or dedicated spend management solutions, staff have no idea if security devices or software applications are approved. 

Examples of shadow IT

A common example of shadow IT is when employees buy devices or software for work that are not approved by the company expenses policy. Other examples of shadow IT include the unapproved purchases of:

  • Physical devices such as flash drives
  • Personal messaging apps on work devices
  • Productivity apps like Asana and other cloud-based services

Shadow IT increases the risk of sensitive commercial data getting into the wrong hands, either through information-gathering activities in the background of apps, or through the obtaining of information by unauthorized employees within a network. Shadow IT represents a problem for all departments and should be tackled through proactive policy and practice-setting led by both the finance and IT departments.

How to reduce shadow IT and control spend in 5 steps

The good news is you can get shadow IT under control. And with more of your employees working from home and looking to find new ways to drive projects forward and maintain their productivity, it's more important than ever to address shadow IT early.

Step 1: Educate your employees about shadow IT

Shadow IT is a problem that can only be solved by employee education and awareness. Tell your teams about the risks associated with shadow IT by training them on security best practices. You can also:

  • Ask employees to disclose the external solutions they are using to handle company data
  • Task IT with establishing security protocols for the use of these applications
  • Continuously monitor the use of these resources across the organization

Education will be far more effective than criticism, because after all, shadow IT users have genuine motivations. They just want to get their work done faster and more efficiently.

Step 2: Implement spend management automation

Left unchecked, shadow IT can be a tough process to wind back. Without digital spend management and oversight, it's practically impossible. Armed with the right software program, IT departments and finance teams can dramatically cut instances of shadow IT, by automating expense approvals and reporting. 

Step 3: Set category spending limits in IT

Guardrails on IT spending can help too. For example:

  • Give your employees the guardrails to buy and use only the very best tools for the job
  • Restrict card spending to certain merchants or SaaS companies
  • Cap purchase volumes in categories like SaaS, computer hardware, and apps

And don’t worry. Setting category spending limits is not about putting a brake on employee productivity or problem-solving. It’s about ensuring the right resources are used by the right people.

Step 4: Automate IT expense reconciliation

Expense reports take forever and are prone to errors. This is why instant reconciliation is a must-have, especially if it’s able to automatically collect, match, and categorize paper receipts in real-time.

Step 5: Transform IT reimbursement

Paying employees back for business-related expenses has always been a slow and cumbersome process. In fact, it’s one of the main drivers of shadow IT. Often, employees would rather power ahead, buy what they think they need, and ask for forgiveness or permission after the fact. 

But now, you can streamline reimbursements by giving employees corporate cards like Ramp that are easy to customize with category limits, spending limits, and merchant limits too.

Bringing shadow IT into the light

When employees use software your IT department isn't aware of, it opens your business up to security risks and opens you up to zombie spend. Anyone who tells you that shadow IT is an easy problem to solve is not giving you the full picture. 

While it can’t be eliminated, it can be radically reduced. You can educate staff, trust them and then verify their commitment by monitoring the expense reports and corporate credit cards given to anyone in the organization. Years ago, that would be a mammoth task. Today, modern spend management tools like Ramp have made shadow IT a far more manageable threat.

Are you ready to reduce the risks of shadow IT with better spend management? Get started with Ramp today.

Try Ramp for free.
Error Message
No personal credit checks or founder guarantee.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
The Ramp team is comprised of subject matter experts who are dedicated to helping businesses of all sizes work smarter and faster.
Ramp is dedicated to helping businesses of all sizes make informed decisions. We adhere to strict editorial guidelines to ensure that our content meets and maintains our high standards.


Don't miss these

No items found.

How Ramp helped Viking Well Service institute a more efficient expense management process

“Having the purchase order and bills all in one place just makes a whole lot more sense for the type of business that Viking’s doing, because you can simplify it down to a one-line-item type deal. That’s really important for control purposes, for visibility."
Chris Lowdermilk, Senior Controller, Viking Well Service

How Ramp Procurement helped NPHY simplify, save time, and improve transparency

“Before Ramp Procurement, requests could take up to a month. Now the process is complete in a matter of days, meaning we can get much needed supplies and focus on delivering care to our clients (teenagers in crisis) faster.”
Michelle LaBonney, Director of Finance & Operations, Nevada Partnership for Homeless Youth

How Betterment manages corporate spend for five entities with Ramp

“With Ramp, we can save rules directly to the card. Transactions from any of our monthly vendors come in already coded, so that’s been a huge time saver.”
Marianne Hawes, Senior Accountant, Betterment

How Alexandra Lozano Immigration Law prepared for scale with Ramp

"I used to have to call our card provider and sit on the phone for a couple hours a week, I don’t have to do that with Ramp.”
Wayne Robinson, CFO, Alexandra Lozano Immigration Law

How Ramp helped Smart City Apartment Locating save time, expedite month close, and grow sustainably

"Five to 15 hours each month of non-value-add activities are off my plate. I’m able to be a strategic advisor versus just a tactical manager when it comes to spend management.”
Dustin Walsted, VP Finance, Smart City Apartment Locating

How TaskHuman built their runway with Ramp

“I’ve pretty much seen or used everything that’s out there, everything does something Ramp does, but nothing does everything Ramp does.”
Matthew Ferguson, Controller, TaskHuman

How First Tee transformed its bookkeeping and saved time with PwC and Ramp

"The efficiency of using PwC Bookkeeping Connect, coupled with the Ramp platform, has probably been about 75% time savings. Instead of every hour I would have had to spend on bookkeeping, I’m probably having to spend maybe 10 or 15 minutes.”
Dan Burke, CEO, First Tee San Francisco