What companies need to do about dangerous shadow IT

If employees use software without the knowledge of the IT department, shadow IT is created. Avision explains why this is an acute danger and what measures companies need to take to prevent it.

Companies rely on a whole range of different tools and technologies in their day-to-day digital business. In order to prevent data and security problems, IT departments keep official lists of the software used, keep them up to date and develop them further. However, there are often countless other programs hidden in the shadows that employees use without the knowledge of the IT departments, carelessly but usually without malicious intent. What causes this shadow IT, what problems does it lead to and how do companies need to counteract it?


Shadow IT exists as a parallel world alongside the officially managed applications and can nevertheless achieve the same significance. However, the many small tools, open source products or interfaces to official applications are not documented in the shadow world and are not part of the monitoring.


Unofficial software leads to security vulnerabilities, for example when undocumented interfaces allow unauthorized access to sensitive data. The Log4j problem also clearly shows that companies should not rely on external applications. This quickly leads to a loss of control and unwanted legacy code: IT departments must avoid both at all costs.


Complicated processes and tight budgets encourage the emergence of shadow IT. Budding mistrust between the specialist department and IT can also quickly lead to employees relying on their own applications.


IT departments can prevent employees from installing new software by making appropriate default settings. However, systems and projects must also be checked for existing shadow IT. The first step is to take stock, as legacy code and unofficially used applications are more widespread than many IT departments are willing to admit. The company structure also needs to be scrutinized. Shadow IT can be prevented with the right processes, such as a company suggestion scheme for new solutions. When it comes to unofficial tools, companies should engage in self-reflection: Why was the software chosen? Is the function missing from the official list? Why was it not included?

“It is perfectly legitimate for employees to decide for themselves what they need to work,” explains Nadine Riederer, CEO at Avision. “However, the right communication with the relevant departments is crucial. In this way, it can be clarified whether the purchase of a tool generally makes sense for the company and whether it should be included in the official list. Discussions with the IT department can prevent a lot of work and shadow IT.”

This press release is also available at www.pr-com.de/de/avision.

Press contact

Avision GmbH
Christina Karl
Bajuwarenring 14
D-82041 Oberhaching
Tel. +49-89-623037-967


Melissa Gemmrich
Sendlinger-Tor-Platz 6
D-80336 München
Tel. +49-89-59997-759


Related Posts


Managers, do your homework!

First modernize the IT landscape, then think about AI Everyone is talking about AI. Suddenly everyone wants ChatGPT to write texts for them. Other AI

Read more
Avision Erfolgsgeschichte im Rückblick: Flagge von Rumänien an einem Fahnenmast vor bleuen Himmel

Avision expands into Romania

Avision has opened a location in Romania. From the offices in Brasov (Kronstadt), local specialists are now strengthening the software development and testing department and

Read more

B2Run 2023

On July 11, eleven runners from the Avision team took part in the B2Run in the Olympiapark. Despite very high temperatures, everyone crossed the finish

Read more