In this article
You might like
No items found.
See the latest spending trends for 25k+ companies on Ramp

Benchmark your company's expenses with Ramp's data.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Spending made smarter
Easy-to-use cards, spend limits, approval flows, vendor payments —plus an average savings of 5%.1
|
4.8 Rating 4.8 rating
Error Message
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Get fresh finance insights, monthly
Time and money-saving tips,
straight to your inbox
|
4.8 Rating 4.8 rating
Thanks for signing up
Oops! Something went wrong while submitting the form.
Ready to partner with Ramp?
Time is money. Save both.
Ready to partner with Ramp?
Time is money. Save both.
Ready to partner with Ramp?
Time is money. Save both.
Table of contents

Direct purchasing of SaaS applications and other non-approved software by employees is making it impossible to protect some organizational data, according to almost half of all executives surveyed in a recent poll. 


The IBM/Forbes report also revealed that 60 percent of organizations exclude this problem—known as shadow IT—from their cybersecurity assessments. Unfortunately, the implications of this problem can be quite disastrous, including everything from data loss risks to unaccounted for spending.

What is shadow IT?

Shadow IT is the use of unauthorized or non-standard information technology solutions in organizations. Because software is so easy for anyone to acquire, employees can easily buy and use hardware and SaaS applications without notifying IT or obtaining budget approval.

What are the risks of shadow IT?

1. No oversight into spend

This is a big headache for finance teams and IT managers alike. Without accurate knowledge of IT spending, your finance team can’t brief the executive team with a full picture so they can make important decisions about IT resourcing. And as every modern business leader knows, IT touches every part of the business. When it’s not in good shape, this can create cascading problems across other departments. 

2. IT redundancies and security risks

Shadow IT users may source new applications that overlap with existing solutions in your environment that IT has approved. Not only does this create redundancies across your cloud-first environment, but IBM reports that 46% of IT leaders believe that the purchase of unsanctioned software “makes it impossible to protect all their organization’s data”. 

3. Data silos 

Data needs to be a team sport. If your key people don’t have access to the same data about your operations, performance, and service levels then how can you make the right decisions together as a team? Data silos are one of the most pernicious outcomes of shadow IT, because they grow over time and can become harder and harder to cut back once they do.

4. Stranded financial data

Disorganized and disparate data is not just an in-house problem. As reported in CIO Magazine, shadow IT creates confusion across financial reporting systems, which puts your organization at risk for additional audit fees and SOX violations.

What causes shadow IT?

Employees tend to engage in shadow IT so that they can bypass the often slow and bureaucratic security policies created and enacted by the company's IT department. But there are myriad causes of shadow IT, which can include: 

1. Internal frustration with IT services

Many employees turn to shadow IT out of frustration. This can happen when:

  • An IT department is too slow to respond to service requests
  • An IT department is hindered by legacy software that doesn't have the needed functionality
  • An IT department isn’t providing modern solutions to the problems 

2. The business or finance team has not set a clear IT expense policy

Many companies will have a budget set aside for software that fits the needs of each department. Unfortunately, some businesses lack an open policy that regulates how employees purchase and use devices and third-party apps. Others may have policies that are too strict, where they restrict access to useful solutions. This can bury the IT and accounting department in requests, approvals, and busywork. Along with these points, if there is oversight in creating an expense policy for IT, the following can happen:


  • Budgets get misused since there aren’t clear policies established. 
  • Businesses can face a surge in unapproved software 
  • IT becomes consumerized in a way that makes shadow IT more attractive to employees. 

3. Sign-offs and reimbursement are chaotic

Chaotic expense policies and reimbursement policies can be just as problematic as non-existent ones. If it’s too hard for a self-starting employee to get approval for a useful solution, then they’re going to take matters into their own hands. This can create a big issue for finance teams, where shadow IT casts an ever-growing darkness over expenditure that just can’t be seen until it reaches a crisis point. 

4. Finance lacks control over IT spending

When employees are unsure if there are funds to pay for a new computer or other necessary expenses, employees will look for other options— and this can lead to maverick spend. Without a solid expense policy, or dedicated spend management solutions, staff have no idea if security devices or software applications are approved. 

Examples of shadow IT

A common example of shadow IT is when employees buy devices or software for work that are not approved by the company expenses policy. Other examples of shadow IT include the unapproved purchases of:

  • Physical devices such as flash drives
  • Personal messaging apps on work devices
  • Productivity apps like Asana and other cloud-based services

Shadow IT increases the risk of sensitive commercial data getting into the wrong hands, either through information-gathering activities in the background of apps, or through the obtaining of information by unauthorized employees within a network. Shadow IT represents a problem for all departments and should be tackled through proactive policy and practice-setting led by both the finance and IT departments.

How to reduce shadow IT and control spend in 5 steps

The good news is you can get shadow IT under control. And with more of your employees working from home and looking to find new ways to drive projects forward and maintain their productivity, it's more important than ever to address shadow IT early.

Step 1: Educate your employees about shadow IT

Shadow IT is a problem that can only be solved by employee education and awareness. Tell your teams about the risks associated with shadow IT by training them on security best practices. You can also:

  • Ask employees to disclose the external solutions they are using to handle company data
  • Task IT with establishing security protocols for the use of these applications
  • Continuously monitor the use of these resources across the organization

Education will be far more effective than criticism, because after all, shadow IT users have genuine motivations. They just want to get their work done faster and more efficiently.

Step 2: Implement spend management automation

Left unchecked, shadow IT can be a tough process to wind back. Without digital spend management and oversight, it's practically impossible. Armed with the right software program, IT departments and finance teams can dramatically cut instances of shadow IT, by automating expense approvals and reporting. 

Step 3: Set category spending limits in IT

Guardrails on IT spending can help too. For example:

  • Give your employees the guardrails to buy and use only the very best tools for the job
  • Restrict card spending to certain merchants or SaaS companies
  • Cap purchase volumes in categories like SaaS, computer hardware, and apps

And don’t worry. Setting category spending limits is not about putting a brake on employee productivity or problem-solving. It’s about ensuring the right resources are used by the right people.

Step 4: Automate IT expense reconciliation

Expense reports take forever and are prone to errors. This is why instant reconciliation is a must-have, especially if it’s able to automatically collect, match, and categorize paper receipts in real-time.

Step 5: Transform IT reimbursement

Paying employees back for business-related expenses has always been a slow and cumbersome process. In fact, it’s one of the main drivers of shadow IT. Often, employees would rather power ahead, buy what they think they need, and ask for forgiveness or permission after the fact. 

But now, you can streamline reimbursements by giving employees corporate cards like Ramp that are easy to customize with category limits, spending limits, and merchant limits too.

Bringing shadow IT into the light

When employees use software your IT department isn't aware of, it opens your business up to security risks and opens you up to zombie spend. Anyone who tells you that shadow IT is an easy problem to solve is not giving you the full picture. 


While it can’t be eliminated, it can be radically reduced. You can educate staff, trust them and then verify their commitment by monitoring the expense reports and corporate credit cards given to anyone in the organization. Years ago, that would be a mammoth task. Today, modern spend management tools like Ramp have made shadow IT a far more manageable threat.


Are you ready to reduce the risks of shadow IT with better spend management? Get started with Ramp today.



Try Ramp for free
Error Message
 
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
The Ramp team is comprised of subject matter experts who are dedicated to helping businesses of all sizes work smarter and faster.
Ramp is dedicated to helping businesses of all sizes make informed decisions. We adhere to strict editorial guidelines to ensure that our content meets and maintains our high standards.

FAQs

Don't miss these

No items found.

How The Second City expedited expense management and gained financial control with Ramp

“Just do it:” How Bratjen Construction Modernized Processes, Saved Time, and Improved Accuracy with Ramp

“Prior to Ramp, we had a handful of cards that our owners and leadership had access to, but it was more of a trust based system. Ramp has allowed us to give cards to more people, but the controls in Ramp ensure that the cards are used properly.”
Michael Irvin, Director of Operations, Bratjen Construction

How MAGNA-TILES® implemented a corporate card program, reduced stress, and prepared to build with Ramp

"In my day-to-day, Ramp helps me resolve things quickly and expedite month-end close. From an overall holistic business standpoint, we now have the ability to quickly scale as we add new users. It’s kind of crazy how quickly things have grown here, and Ramp has been a great partner for us in that growth.”
Tim Borse, Assistant Controller, MAGNA-TILES

How Eventbrite streamlined processes and improved UX with Ramp

"The Ramp dashboard easily shows how many cardholders are paying for the same subscription. Now the procurement team has the information they need to negotiate a corporate package.”
Laura Moreno, Sr. Manager, Global AP, Eventbrite

How Boys & Girls Clubs of America improved efficiency, gained visibility over spend, and regained lost time with Ramp

How Evans Hotels saved time and gained spend visibility with Ramp

“Ramp has been a big win for us when it comes to transparency and visibility. If the executive team wants to dig into spend at a property or review purchases the teams are making, we can have that information really quickly and are confident it’s accurate.”
Caryn Fink, Director of Accounting, Evans Hotels

How Ramp became KIPP Nashville’s biggest financial win

"There was no fire drill for the beginning of the school year this year, because the schools had a process. Ramp will ingest the line items automatically, so no more manual import. It’s made the process so much easier."
Carey Peek, CFO, KIPP Nashville Public Schools