Shadow IT and Its Damaging Consequences for Companies

Spreadsheets play an indispensable part in the operations of most companies. Frequently, they will provide a working solution where most IT departments will not have the means or time to react as quickly as needed. As such, they offer a huge benefit to business units and the individual users who want to get things done and achieve their goals without having to speak to IT about it or learn how to use a new tool. But with all its usefulness, Excel (and spreadsheets in general) may also be one of the major sources of the problem of shadow IT.

According to Cisco, “Shadow IT is the use of IT-related hardware or software by a department or individual without the knowledge of the IT or security group within the organization.”

Spreadsheet-based shadow IT, then, is the use of Excel or any form of a spreadsheet as a means to achieve greater flexibility and deal with a large variety of problems as they arise in everyday situations. It is a symptom of the internal struggle of organizations to be agile and dynamic while trying to provide a secure and stable IT environment. Yet, unfortunately, spreadsheet-based shadow IT increases systems vulnerability, may violate regulatory compliance standards, creates cost overruns, and more.

As it looks currently, the proliferation of shadow IT will not slow down and will continue to be a serious challenge to enterprise CIOs. So what can be done about it, and how can no-code platforms be part of the solution?

Why does shadow IT exist and what is its impact?

Shadow IT is no little problem.

According to research by Everest Group, spending on shadow IT in large enterprises may comprise as much as 50% of total IT spending. At the same time, losses from the inefficiencies, compromised data, and downtime due to shadow IT amount to about $1.7 trillion per year. And back in 2016, Gartner estimated that by 2020, a third of successful security attacks on enterprises will occur through their shadow IT resources.

Moreover, there’s a lot of shadow IT!

Several years ago, Cisco published a study that found that companies were using “15 times more cloud services to store critical company data” than CIOs were aware of or had authorized. It turned out that where IT departments thought about 51 cloud services were in use, 730 were actually being used. Microsoft also tackles the security issue of shadow IT.

So why does shadow IT show up in organizations? According to Alan McSweeney, its emergence in an enterprise can generally be ascribed to the lack of flexibility in the company’s IT architecture, and specifically:

• The inability to respond to challenges that arise out of business changes
• Lack of organizational IT standards, and therefore lack of internal consistency and commonality
• Lack of internal enforcement of standards and procedures
• Lack of focus on business needs and requirements
• Lack of a common direction or vision
• Growing gaps between groups and teams
• Inability to predict the impact of future changes
• No good understanding of the already deployed solutions
• Rigidity, redundancy, lack of scalability and flexibility in the deployed solutions
• Lack of integration and compatibility between applications
• Fragmented and ad hoc solution delivery driven by a reactive approach

All of the above leads users “on the ground” to seek solutions that allow them to work around these hurdles.

One aspect of shadow IT is the proliferation of spreadsheets that are created to quickly resolve every day or unforeseen problems. I.e. whenever a problem cannot be solved with readily available official solutions, a spreadsheet is seen as a viable and straight forward alternative. This can create uncountable copies of that spreadsheet, once it is shared and reshared with anyone it concerns.

How Excel is important for organizations but why it can hurt them?

When electronic spreadsheets first made their way into organizations they created a veritable revolution. Suddenly all of the paper spreadsheet planning could be transferred to an electronic medium that empowered users in various new ways. Data could now be stored in a more reliable and organized way, and calculations occurred automatically whenever the data was edited.

This, in turn, made it possible to create ever more complex and expanding models and calculations that involved multiple spreadsheets. The medium also provided ever-increasing flexibility that could even handle changes to fundamental assumptions of the models, and still produce results.

Nowadays, spreadsheets are as popular as ever. Everyone has access to Excel or Google Sheets which means that when you send a spreadsheet, you can trust that the other side will be able to open it. Moreover, even though there may be better solutions for a particular problem, working with Excel frequently requires a smaller learning curve which means that people are more likely to stick to it. Finally, it is the flexibility of spreadsheets and the various purposes for which they can be utilized that make sure they remain one of the most popular solutions.

Yet, the widespread use of spreadsheets has also created a certain set of problems.

Enter ‘Excel hell’

This expression is popularly used to describe the state of the havoc that can ensue when spreadsheets get out of hand. It applies to several of the limitations that Excel may present users with.

First of all, there are scalability limitations – spreadsheets cannot operate beyond a certain complexity and amount of data dimensions. But then there is also the complexity of the data itself which users have to be able to follow and retain in their minds. If they don’t, and the data breaks, it can result in days of double-checking the validity and consistency of the data.

Finally, using spreadsheets as a business tool usually ends up creating more spreadsheets. With their proliferation throughout the enterprise, a mountain of uncontrolled data starts to rise. This makes both limiting where the data ends up as well as which spreadsheet version is the final version, close to impossible.

Spreadsheet-based shadow IT and its unwanted consequences

All of the above problems then create what is now known as spreadsheet-based shadow IT. This can briefly be defined as the endless pile of ad hoc spreadsheet-based solutions that employees have come up with in order to overcome day-to-day problems. And it, too, is to be taken seriously.

It is estimated that about 90% of corporate analyses are based on spreadsheets. This is because Excel (and similar solutions, like Google Sheets) is like a veritable Swiss knife. It is the main tool that non-IT users can use to perform dynamic calculations, create lists, evaluate data, etc.

Yet, as much as 88% of all spreadsheets ‘out there’ contain mistakes. Moreover, they frequently exist in multiple different versions, with about 13 people on average editing a single spreadsheet within an organization. All of this can result in as much as $7 billion in losses per year.

Of course, it’s for good reasons that employees make use of spreadsheets. Some of the immediate advantages include:

• The freedom to innovate and solve business requests more quickly
• The enhancement of daily performance and efficiency
• The sense of greater personal freedom and empowerment in doing one’s job
• Increased flexibility and agility in dealing with everyday professional tasks
• Perceived lower costs – a common erroneous belief is that this is cheaper

Yet, the risks and disadvantages of spreadsheet shadow IT far outweigh the advantages. These include:

• High vulnerability and security concerns because of spreadsheets being circulated in ways that allow for little control over where they end up
• Efficiency and performance losses due to broken and/or irretrievable data lost in spreadsheets
• Damages resulting from the intellectual property being shared outside of the company
• Cost overruns and misallocated costs due to additional applications and licenses being required
• Vast amounts of information which is outdated and unnecessary – for example, vaults of information that no one knows about are frequently left behind when an employee changes their job and are then maintained unknowingly by IT
• Practical limitations of using spreadsheets, such as the limited usability on mobile devices, to name just one

Obviously, shadow IT arises out of the lack of flexibility of company IT architecture and the needs of employees to overcome such a lack in the simplest ways possible.

This makes the use of spreadsheets a very immediate and viable solution. Yet, if spreadsheet-based shadow IT is such a problem what can companies do to avoid its pitfalls while still enabling employees to do their work more efficiently and with greater ease?

How to avoid spreadsheet-based shadow IT with no-code?

Recent years have seen the surfacing of the “citizen development” trend. According to Gartner’s Glossary, “a citizen developer is a user who creates new business applications for consumption by others using development and runtime environments sanctioned by corporate IT.”

Citizen development has been cited as one of the ways in which shadow IT can efficiently be addressed and is considered by some “the most important technology tool that CIOs need to look at”. This is because, unlike Shadow IT, approved citizen development solutions offer a safe, fast, and cost-efficient way of responding to business needs as they arise.

An example of an environment that can be used by citizen developers to create applications are no-code app creation platforms such as Open as App. These platforms create a bridge between the needs of users and the requirements of IT departments.

They do so by allowing users to create apps based on spreadsheets in a minimum amount of time, i.e. act dynamically, while providing all the required data security required by IT. In other words, they allow users to turn unmanaged and uncontrolled sheets into managed and controlled ones, and bring such spreadsheets out of the “shadow”.

There are several different dimensions to the impact that a no-code platform like Open as App can have on spreadsheet-based shadow IT. These are the mitigation of shadow IT itself, the benefits to users, and the ROI from implementing no-code.

Mitigating spreadsheet-based shadow IT with a no-code platform:

• Introducing a no-code platform incentivizes or requires, depending on company policy, the gathering of existing spreadsheets in a centralized SharePoint. This helps reduce the mountain of spreadsheets and limits access to the original data to admins. Efficiency and performance losses due to broken and/or irretrievable data lost in spreadsheets
• When creating an app through the platform, the logic of the spreadsheets is retained, allowing users to perform all the operations they need, without requiring access to the original spreadsheet and its data. If a change to the contents or logic of the spreadsheet is required, it is implemented by admins and rolls out immediately to apps (this can also function the other way around – from app to spreadsheet). This helps reduce the mountain of spreadsheets and limits access to the original data to admins.
• Enterprise intellectual property (IP) remains accessible to business users and can be operationalized through an app without being exposed.

Benefits of business users being empowered to create their own apps:​

• Business users are a crucial source of innovation – enabling them to come up with solutions can quickly improve various processes throughout the company.​
• When business users can create their own apps, deep process knowledge does not have to be transferred and explained to solution architects and developers​ – this saves everyone’s time.
• When the barriers to creating solutions are lifted, teams can become faster and more agile, while still complying with data security requirements.
• With data being centralized and utilized through apps, business logic can be easily transformed by the owner ​and rolled out to everyone else.
• Acceptance and adoption rates of new apps or new app features in the organization​ increase, because they are much easier to distribute and test, unlike with passing around a spreadsheet.
• Internal feedback and communication are vastly improved because everyone is speaking about the same app, rather than different versions of a spreadsheet.
• Empowering business users with a no-code platform creates a strong identification with their “own” app​ and increases their engagement and creativity.

Return of invest (ROI) from implementing a no-code solution:

• IT expenditures are lowered
• Faster digital transformation progress
• IT backlog is reduced while IT output is increased
• Shadow IT is significantly reduced
• Hidden enterprise intellectual property (IP) is collected for common use
• No-code is supported by multiple platforms

The above are some of the reasons for building a business case to shift to a no-code platform. Tackling shadow IT is no easy feat since it takes on so many different shapes. Spreadsheet-based shadow IT is one aspect of it that can be addressed easily and efficiently by implementing a citizen development no-code platform such as Open as App.

This has the twofold effect of empowering employees to create new solutions to the problems they routinely face as well as freeing up greater IT capacity to deal with other aspects of shadow IT that go unnoticed. Improving efficiency without sacrificing security is one of the central challenges that CIOs will increasingly be facing when tackling shadow IT.

Would you like to learn more about how to avoid Shadow IT with No-code and Open as App in your company? Our experts are happy to consult with you. Book your free demo now.