1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Stop chasing shadow IT. Start governing around It

    From TechnologyDaily@1337:1/100 to All on Fri May 22 14:30:26 2026
    Stop chasing shadow IT. Start governing around It

    Date:
    Fri, 22 May 2026 13:14:21 +0000

    Description:
    Instead of chasing shadow IT, organizations should shift to real-time, policy-driven governance that operates at the moment decisions are made.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter For years, shadow IT has been framed as a governance failure: the outcome of weak controls, poor
    visibility, or non-compliant employees operating outside sanctioned systems. The response has been consistent: root it out and shut it down.

    Unfortunately, the assumptions underlying this strategy are not just
    outdated, theyre counterproductive. Shadow IT isnt a failure of control. It
    is the natural byproduct of how modern organizations operate. Any strategy built on eliminating it is fundamentally flawed and doomed to a losing game
    of whack-a-mole. Stephanie Day Social Links Navigation

    Vice President for SaaS Management at Calero. Picture shadow IT as weeds in a garden. The weeds crop up not because something is broken, but because growth is constant. You can spend all your time pulling weeds, or you can build a system that manages growth continuously and prevents them from taking root. Latest Videos From You may like Solving the shadow IT crisis in travel Why enterprises need governance frameworks for agentic AI Shadow AI and agents like OpenClaw are hijacking corporate data too easily

    The mistake most organizations make is treating the weeds as an anomaly instead of a natural outcome of a living system. The same is true for SaaS. Shadow IT is the system, not the exception The rise of SaaS, decentralized buying, and frictionless procurement has fundamentally changed how technology enters the enterprise. Business units can adopt tools in minutes, often with nothing more than a corporate credit card and an email address. This is now the default behavior.

    "Research reinforces this shift. Gartner estimates that organizations are typically aware of only ~40% of applications in use and projects that by
    2027, 75% of employees will acquire, modify or create technology outside of ITs visibility.

    This isnt because employees are trying to bypass governance its because the operating model has changed. Decision-making has moved closer to the
    business, and technology is easier to buy, implement, and manage. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting
    your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    None of this is inherently bad. But governance frameworks have remained centralized and periodic, creating growing risk and expense.

    Instead of treating shadow IT as a deviation in the system, its far more productive to recognize it as the system itself. The failure of centralized, periodic governance Traditional IT governance was designed for a different
    era one defined by long procurement cycles, centralized ownership, and relatively static technology stacks. In that world, periodic reviews worked. Annual true-ups, quarterly audits, and approval workflows were sufficient to maintain control. What to read next The hidden data layer enterprises can't afford to ignore Governing the hidden risks of generative AI in the
    enterprise Tame your AI gremlins before the chaos becomes permanent

    That world no longer exists.

    Todays SaaS landscape is dynamic, consumption-based, and constantly evolving. Applications can be adopted, scaled, and abandoned in weeks. AI-driven tools introduce variable, event-based cost structures that dont align with fixed governance cycles and can introduce significant financial risk.

    Technology decisions are now frequent, distributed, and continuous. In this environment, the question is no longer Do we know whats happening? but Can we influence what happens next?

    Yet most organizations are still applying old governance models to this new reality, relying on periodic checkpoints to manage a continuous flow of decisions. They detect, report, and analyze but all after the fact. Youre
    not guiding decisions; youre cleaning up after them.

    As not just humans, but also non-human agents, begin making technology decisions faster and more frequently, that delay is exactly why shadow IT continues to grow even as visibility investments increase. Visibility is not the problem OR the solution Most organizations have responded by investing heavily in discovery and visibility tools. They aim to answer questions like: What applications are in use? Who owns them? Who is using them? How much do they cost?

    These are necessary questions, but they are asked far too late. By the time shadow IT is discovered, the decision has been made. The contract is signed. The data is flowing. The risk is introduced. The spend is committed. Shadow
    IT persists not because of a lack of data, but because of a lack of real-time governance.

    When organizations are looking to solve their SaaS problem, they almost
    always already have the data they need. Between SSO logs, expense systems, endpoint telemetry, and CASB tools, they can construct a fairly complete picture of their SaaS environment, especially once given the tools to unify those disparate sources.

    The problem isnt visibility; its turning insight into timely, scalable
    action. From visibility to systems of decision-making More often than not,
    the employee signing up for a tool, the team integrating an application, or the manager approving spend is a good corporate citizen acting rationally in the context of their work.

    Chasing down those decisions after the fact doesnt change the fact that risk has already been introduced, but it does inhibit organizational decision making and slows down the business.

    This is where most SaaS management approaches fall short: they are designed
    to inform, not to act. They surface insights but rely on humans to interpret and respond often too late and at too small a scale to make a difference.

    The alternative isnt unchecked shadow IT. Its shifting from systems that observe to systems that act by moving governance to the point of decision. If technology decisions happen in real time, governance must meet them there.

    Not in a report. Not in a quarterly review. Not after a renewal or security breach. But at the key moments of purchase, access, integration, and usage.

    Governance at the point of decision requires systems that can 1) interpret signals as they happen, 2) Apply policy in context and 3) Trigger action automatically. In other words, they must operate at the speed of business. This doesnt require tighter control, it requires redefining control. The future of shadow IT governance If shadow IT is inevitable (and all evidence suggests it is) then the goal cannot be elimination. It must be integration. Rather than treating it as a mistake, organizations must treat Shadow IT as a signal to be governed.

    That requires a shift from: Detection - Decisioning Use detection to trigger decisions about what should happen next. Periodic reviews - Continuous governance Replace audits and fire drills with real-time monitoring, policy, and automated action. Centralized control - Guided autonomy Allow business units to move independently, with guardrails that guide decisions and enforce accountability without sacrificing speed. Modern SaaS governance systems
    built on policy-driven, event-based models enable this shift by prioritizing action over reporting, which enables organizations to: Detect financial and usage signals at the point of purchase Automatically route new SaaS purchases for lightweight review Trigger access governance workflows when apps
    integrate with identity systems Enforce renewal decisions based on utilization, ownership, and contract terms not just dates When governance systems align with how people actually work fast, decentralized, and outcome-driven they become enablers of innovation instead of obstacles.

    The organizations that succeed in this new era of SaaS and AI wont be the
    ones with the most visibility. Theyll be the ones that can act the fastest
    and most intelligently on what they see, because theyve built governance that operates where it matters most: at the moment decisions are made. We've featured the best business intelligence platform. This article was produced
    as part of TechRadar Pro Perspectives , our channel to feature the best and brightest minds in the technology industry today.

    The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit



    ======================================================================
    Link to news story: https://www.techradar.com/pro/stop-chasing-shadow-it-start-governing-around-it


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)