Shadow IT is a concept whereby an organization’s employees use technology, services, or systems without knowledge of or approval from the IT department.

Simply put, many users opt to make an end run around what they perceive as a stodgy or restrictive IT department to get their needs met in a timely fashion. Shadow IT can help promote user productivity, self-reliance, and technological familiarity, but it can also pose serious risks to data security and corporate compliance. In addition, it can undermine the purpose of having an IT department: To ensure data protection and provide assistance to users when problems occur.

It’s clear that shadow IT has both advantages and drawbacks and needs a well-defined structure for businesses to properly control it. It can be tempting to simply ban shadow IT across the board, but such a policy might only serve to further the concept that the IT department isn’t meeting user or company needs.

This Shadow IT policy from TechRepublic Premium provides guidelines for the appropriate use of shadow IT, explains the restrictions that will apply to it, and defines elements pertaining to employee and IT department responsibilities.