Close Menu

Search for Keywords...


You’ve Got a Friend in Shadow IT

shadow IT

Let’s take a trip down memory lane. The year is 2009 and the majority of your business applications consist of hardwired, on-premise software. IT and procurement teams serve as the main gatekeepers for choosing the right solutions to support the organization, overseeing vendor relationships, and managing entitlements. Employees rarely (if ever) seek out and purchase new tools – it simply isn’t practical. 

Chart: SaaS Ownership by Send vs Number of Apps 20233Software acquisition looks dramatically different nowadays, thanks to the rise of Software-as-a-Service (SaaS). Individual employees and lines of business (LOBs) are the primary groups purchasing SaaS applications, with IT teams controlling just 31% of the SaaS spend. And organizations are making critical decisions to increasingly implement product-led growth strategies, often leveraging the product as the main vehicle to acquire, activate, and retain customers.

Take Canva, for example. The company offers its popular graphic design tool for free to hook new users. But in order to unlock all of the core features, the user needs to purchase an inexpensive subscription. Because of the low cost and ease of adoption, any employee with an email and credit card can purchase the software independently of your company’s IT oversight.

On one hand, this puts purchasing power directly into the hands of users – departments, teams and employees – to buy the technology and tools they need to be effective. Many would argue that this increases organizational agility, allowing business units and employees to make faster technology decisions and introduce new innovation into their organization. 

On the flipside, this rise of decentralized purchasing of SaaS and services outside of IT does pose risks. This little practice known as shadow IT raises security, budgetary, privacy and compliance issues, as well as licensing restraints—and that’s just the tip of the iceberg. But that doesn’t tell the whole story, because opposing this grassroots phenomenon can actually hold back your organization.

With a dedicated SaaS Management platform serving as your source of SaaS truth, you can peek behind the curtain to bring shadow IT into the light and optimize your SaaS stack, spend, and usage.

Employee-Led SaaS Purchases Are Both a Source of Risk and Innovation

As we discussed previously, shadow IT can lead to wasted spend on redundant SaaS applications, security and compliance risks, and missed renewals. But not all shadow IT is bad.

When employees use an app without IT approval, they are sending a message: And perhaps Brad Pollard said it best on Zylo’s SaaSMe Unfiltered Podcast:

“I don’t think shadow IT is malicious. I think people are trying to get things done. And when you’re working with really smart people, they don’t need your help. They’re going to go do this thing.”

In other words, your employees want and believe this application will give the company a competitive edge because it will make them work smarter and be more productive.

When employees and LOBs utilize the tools that best serve their needs, productivity soars. According to a recent Forrester survey of more than 10,000 users, two-thirds (66%) of Gen Z and millennial workers say autonomy in choosing the apps, services, and devices they use for work is a top priority, while 53% of Gen X workers agree. And while millennials and Gen X workers comprise 80% of the workforce today, the group is forecasted to shrink 6% by 2030, as older generations leave the workforce.

The survey not only demonstrates the impact software autonomy has on today’s workers, it proves to be a key focus for all organizations over the next decade. Your graphic designer likely uses a preferred design platform, just as your CFO favors a specific workflow management tool. Instead of forcing them into a solution, give them skin in the game by allowing them to choose their own tools — with guidance from IT, of course.

Embracing the Power of Shadow IT to Empower Employees with Best-in-Class SaaS

While limiting purchasing of SaaS applications to IT or procurement seems like a simple solution, just note it’s far easier said than done. Any employee with access to a public network can access cloud-based SaaS tools. And employees will likely find workarounds to SaaS discovery measures like single sign-on tools and cloud access security brokers.

Allowing employee-led purchasing is also good for business. According to a survey from Entrust:

  • 97% of employees report feeling more productive when allowed to use their preferred technologies and applications
  • 77% believe their organizations could gain a competitive edge if leaders were more open to finding tech solutions

According to Zylo CEO Eric Christopher, “The solution to shadow IT isn’t to cut back on SaaS — and consequently miss out on gains in productivity and innovation. Rather, your organization needs to identify better ways to detect and govern the shadow applications your employees are using.”

Zylo customer Leah Tubb at Atlassian puts this into action every day.

“We are really big on shadow IT acceptance here at Atlassian and IT does not want to be a bottleneck, is not a bottleneck. If you say you need a tool to make your job easier, you can get it and you can ask for IT to help you get it or you can get it yourself and put it on your computer. And, when it comes down to connecting that tool with other tools, that’s where you’ll have some limitations but we’re encouraged to, hey, if you need to make your job easier, go for it. And so, we also want to know that those items that are shadow IT are going through the same governance process that if they weren’t shadow IT just to make sure that they’re safe and we have the security done correctly.”

How to Manage Shadow IT without Limiting Innovation

So, how do you begin to uncover employee purchasing and shadow applications? Follow these steps:

Discover all of your SaaS applications and establish a source of SaaS truth. Make sure to establish a continuous and frictionless process, as your SaaS stack changes constantly. The average organization adds eight new applications and retires three each month, so constant surveillance remains key. A dedicated SaaS Management platform, such as Zylo, tracks your SaaS purchases in real time, even shadow IT. 


You can set proactive alerts in Zylo to notify you as new applications enter your environment. Inform and track the unvetted applications you find in the shadows to ensure they comply with your organization’s security and compliance rules of governance.

Eliminate unused or underutilized SaaS applications, so you can focus on the tools your employees love, and lower your tech spend, too.


Zylo provides application-specific and feature-level usage data, so you know if and how employees are engaging with SaaS tools and make data-driven renewal decisions. 

Collaborate among IT, procurement, and business units to determine the SaaS applications that best serve your people. 


Coupa, a leading cloud platform for business spend management, used Zylo data insights to reduce its SaaS portfolio from 600 to 400 applications. The savings allowed them to offer best-in-class applications to all employees.

Offer the best SaaS applications and allow employees to choose their favorite tools. 


With Zylo’s App Catalog, your employees can discover a library of IT-approved tools, or search for similar tools if their preferred application isn’t supported by your organization.

Make Shadow IT Your Friend

When it comes to tracking and managing employees purchasing SaaS applications – or shadow IT – it boils down to finding the right balance for your organization and ensuring ongoing visibility of applications and governance. Zylo’s industry-leading SaaS management and optimization platform helps organizations of all sizes uncover shadow IT — and ultimately lower costs and fuel productivity.

Ready to see how Zylo can help you embrace shadow IT and empower employees? Schedule your personalized demo today.



Mady Engelhart

As Product Marketing Manager at Zylo, Mady Engelhart is responsible for developing product messaging and positioning, leading market and competitive intelligence, and creating go-to-market plans for products in conjunction with the marketing organization. Mady has spent her career working at B2B technology companies.