• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Red Sift Blog

Red Sift Blog
  • redsift.com
  • Featured
  • Who are we?
  • Get in touch
You are here: Home / Email / How can you shine a light on shadow IT?

How can you shine a light on shadow IT?

by Clare Holmes
February 26, 2018August 16, 2022Filed under:
  • DMARC
  • Email

A 2018 study by digital ops company PagerDuty highlighted how stressful life is for IT professionals, and this is a very real problem facing HR teams and senior IT execs everywhere.

How can businesses help manage the work/life balance of IT employees that not only have to keep systems running for hundreds of colleagues across multiple regions but then leave the office only to remain ‘on call’. Add the increasing concern of shadow IT to the mix, and your IT bods are facing burnout.

From BYOD to the IoT and Shadow IT, the pressure on IT teams continues to intensify. Employees bringing their own devices into the corporate environment, or the dawn of internet-connected devices, may be a progression of technology in the workplace. Shadow IT, however, is one stressor that needs to be examined and brought into the light.

What is shadow IT?

Shadow IT can refer to anything that is brought onto the corporate network without the knowledge of IT – from installing new web browsers or adding Slack to communicate more quickly with international colleagues – all done in the name of improving productivity but ultimately without the blessing of IT. Similarly, marketing teams may seek out bulk email systems that can offer more granularity on responses and better marketing automation.

If you have nothing to do with managing IT systems in your business, you probably won’t even have heard of shadow IT. But it’s keeping your IT teams up at night, and it’s probably not doing your business any favors either. So where’s the harm in employees trying to make the business more efficient?

Uncovering your stealth systems

How does Shadow IT come about? Mainly because once employees feel that their IT teams are failing to respond to the pace of the business and not delivering on their requirements, they’ll try and get the job done another way. In most cases, employees aren’t trying to circumvent IT but are simply wanting to meet their own deadlines and alleviate job pressures. And this is how they fall into the shady area of shadow IT deployment.

These stealth systems aren’t sanctioned by IT and can pose a huge risk to an organization. They also aren’t monitored by IT, so updates, security patches, and general management isn’t undertaken and many remain outside the corporate firewalls.

Here’s a worrying example of when shadow IT backfires on the employee. If you were one of the users that had a Dropbox account in 2012, happily storing mountains of confidential corporate information in a bid to streamline data storage for your department, you’d be having to fess up to your IT team in 2016 when Dropbox actually announced the four-year-old hack. Your harmless oversight of using unauthorized programs may have resulted in significant data theft.

Renegade marketers

And so for many marketers, the concerns around using third-party email providers to send out emails on behalf of their organization isn’t immediately apparent. It’s normal industry practice to use third-party organizations to eliminate the otherwise time-intensive task of sending and managing email campaigns. But you can quickly end up in a situation where, due to legacy systems in place and employee turnover, nobody in the company knows exactly who is sending out emails on behalf of the organization.

And you know those deliverability problems that afflict your marketing campaigns? The ones that no matter how much you tweak the email content still don’t get the deliverability and open rates you hope for? Well, that shadow IT may be to blame as, the email service providers running your campaigns may not be compliant with sender regulations, meaning your carefully-worded emails might not even be reaching your customers.

Easily authenticate your email service providers

Email protocols that can uncover and authenticate email senders are an often overlooked option for IT teams, who want to eliminate shadow IT and give marketing teams the freedom to communicate by email in a secure way. Implementing the email protocol DMARC uncovers all the email services sending email from your domain, whether you officially know about them, or not.

Matt Towell, group senior IT engineer at ADS Group faced shadow IT concerns within his organization. Once DMARC had been implemented, the landscape changed: “Using [the DMARC reports] has helped with several routing and delivery issues we had relating to SPF and DKIM records and authorized senders.”

So not only does DMARC show you exactly who’s sending emails from your domains, but it eliminates phishing attacks originating from your domain. And for those marketing teams worried about their email campaigns, it gives a failsafe on email deliverability, ensuring your brand reputation stays intact and the recipients of your emails receive legitimate emails.

Banish the shadows with OnDMARC

Sometimes the solution to a problem can be found in the most unlikely of places, and as we’ve shown here, that’s certainly true when it comes to shadow IT and DMARC. Those on the IT side of the fence can begin to take back control and secure the systems in use throughout the organization. For marketers, once the IT team knows about the services you’re using, they can help you fine-tune them and get your marketing machine running smoothly.

The DMARC protocol is key in the battle against shadow IT. To quickly check your current SPF, DKIM, and DMARC setup today, use our free investigate tool.

check email dmarc setup

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)

Related

Tagged:
  • DMARC
  • Email
  • Information Technology
  • Infosec

Post navigation

Previous Post Top 5 Email Deliverability Killers
Next Post And on that Bombshell: a personal reflection on what we can learn from the life of Hedy Lemarr

Primary Sidebar

Subscribe to our blog and be the first to get updates!

Categories

  • AI
  • BEC
  • BIMI
  • Brand Protection
  • Coronavirus
  • Cybersecurity
  • Deliverability
  • DMARC
  • DORA
  • Email
  • Finance
  • Labs
  • News
  • OnINBOX
  • Partner Program
  • Red Sift Tools
  • Work at Red Sift
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • October 2016

Copyright © 2023 · Red Sift