Key Points
- Shadow IT Risks – Unauthorized devices, apps, and cloud tools are widespread in public sector IT, creating major security and compliance threats.
- Hybrid Work Impact – Remote and hybrid work has fueled shadow IT growth, increasing device sprawl and cyberattack vulnerabilities.
- Survey Findings – 52% of employees bypass security policies, 52% use unapproved devices, and 49% rely on unauthorized software.
- Data & Citizen Safety – Weak IT oversight risks breaches, regulatory fines, and exposure of sensitive citizen information.
- Solutions Needed – Public sector IT leaders must improve device management, enforce policies, and foster collaboration between employees and IT to reduce shadow IT.
The public sector hasn’t always had a reputation for digital agility and modern hardware, but that’s beginning to change thanks to COVID-19. Forced to operate from home, public sector employ a mix of devices and cloud strategies to keep city services running. However, these advances could be fueling shadow IT within public sector organizations and leaving them vulnerable to data leakage, theft, or attack.
Reduce shadow IT risk with a reliable endpoint management platform.
To better understand the ways public sector employees are engaging with technology in the workplace and their attitude towards security, NinjaOne has released its new report, Public Sector IT In 2022: Confronting Shadow IT In A Hybrid World, based on a survey of 400 public sector managers across the United States, Europe, and Oceania.
What is Shadow IT?
To set the stage for our discussion, let’s first explore the concept of shadow IT.
Shadow IT refers to any software or hardware utilized within an organization without the IT department’s awareness or approval. This can encompass everything from personal devices to unauthorized applications.
While some users turn to shadow IT to enhance their workflows and improve productivity, it poses significant risks to the security and integrity of the IT environment.
The lack of oversight means administrators are often unaware of these additions, making managing potential issues stemming from shadow IT challenging.
This situation is particularly alarming in public sector IT, where sensitive state and local government data may be vulnerable to these risks.
The scope of the shadow IT problem
The survey found that while many state and local government agencies are regaining a sense of normalcy, most are embracing a hybrid approach. This shift has drastically increased the volume of devices IT teams need to monitor and manage. Unfortunately, some devices and government software, are slipping through the cracks, enabling shadow IT to spread.
Here are some key stats that show how widespread shadow IT is:
- 52% of public sector employees felt they had to frequently or occasionally go around their organization’s security policies to do their jobs
- 52% use unapproved devices for work
- 49% use unapproved software or cloud tools for work
- 51% of public sector employees are spending more time on IT issues since working from home
With so many threats to manage, not prioritizing device management and security dramatically increases the risk an organization faces. Allowing weak links to persist represents a willingness to invite cyberattacks and regulatory fines. Plus, it can put citizens’ personal information at risk – harming the same people those in the public sector work hard day and night to support.
Standardize device and software control across your hybrid workforce.
What needs to happen
Allowing shadow IT to persist may seem harmless, but it has real consequences.
Public sector IT leaders need to focus on facilitating dialogue between employees and IT staff to understand what isn’t working regarding security policies and turn to technology to make device and user management unintrusive.
To learn more, download the full report:
