Overview of Shadow IT

Modified on Tue, 19 Mar 2024 at 06:01 AM

Shadow IT refers to the use of unauthorized applications, unauthorized users accessing authorized applications, or services by employees without the knowledge or approval of the IT department. 

Josys offers powerful features to detect, track, and manage Shadow IT, ensuring organizations maintain control over their IT infrastructure.

Shadow IT detection methodology:

By leveraging integration with Google Workspace and the Josys Browser Extension, the IT Admin can monitor app usage and identify unauthorized users.

  • Josys effectively manages and tracks unauthorized app access within the organization by leveraging the organization's login credentials for app discovery. 
  • The usage history and activity of these apps are retrieved from Google Audit Logs through integration with Google Workspace, serving as a primary source for Shadow IT detection.
  • While usage is constrained by the number of login attempts, the accuracy of access information remains intact thanks to the cloud app cookie policy accessible through Google Audit logs.

Shadow Users

In the context of Josys, Shadow users refer to employees within the organization who are using unauthorized applications, services, or devices within an organization's network or for work-related purposes without the IT department's knowledge or approval.

These users may have various reasons for using unauthorized apps, such as:

  • Employees who have left the organization but still have access to credentials.

  • Employees who have installed free apps using official credentials without authorization.

Identifying Shadow Users

Shadow Users can be identified either through applications or user profiles. For more details, see Identifying Shadow Users.

Following are some additional details that can help you understand further concepts:

If you use Apps to detect Shadow Users, you will encounter either of the following types of apps:

  • Managed Apps: This section displays usage information for apps that are already integrated with Josys. You can view details such as the number of accounts provisioned, active users, and shadow users
  • Discovered Apps: In this section, all discovered SaaS apps are visible along with detailed information, including the number of times the app was used and the last usage date.

Discovered apps are further classified as: 

  • Integrable Apps: Apps categorized as "Integrable" can be integrated and managed going forward. This allows you to bring these apps under control within the organization.
  • Trackable Apps: For apps categorized as "Trackable", admin can choose to track them for monitoring purposes, even if they cannot be integrated directly into the Josys platform.

For more details, see Integrable and Trackable Apps.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article