Shadow IT Pros and Cons to Consider for Your SaaS Strategy

Updated on April 16, 2026 with new dataWith teams spread across the globe and more companies shifting to remote or hybrid work arrangements, the use of SaaS continues to rise. And while IT professionals typically served as the gatekeepers of software solutions for businesses, these decisions are lying more within lines of business and individual employees.

In fact, Zylo's 2026 SaaS Management Index shows IT now manages only 13% of an organization’s SaaS applications, whereas business units now manage 53%. With an average of 3.4% of employees expensing SaaS within their organizations, many apps become shadow IT, which simply means the acquisition of software and services outside the ownership or control of centralized IT organizations.Read on to learn more about shadow IT pros and cons, and how to choose the right framework for your business.

What Are the Shadow IT Benefits?

While shadow IT sounds like something from The Empire within Star Wars, it doesn’t have to be scary. It’s really just an employee-purchased application. Consider these shadow IT pros.

Drives Innovation

The wrong software can hinder employees reaching their full potential. With the right tools within reach, businesses can innovate like never before. Employees can implement new strategies faster without the need to submit an IT request for vetting and approval.

Empowers Employees

Trusting employees to choose the tools they need to effectively do their jobs boosts employee productivity and satisfaction. In a recent Forrester survey, two-thirds of Gen Z and Millennial respondents noted autonomy in choosing the apps, services, and devices they use is a top work priority. As the Great Resignation rages on, attracting the right talent and employee retention prove critical. To balance employee flexibility, many businesses adopt a freedom within a framework approach.

Boosts IT productivity

Without the need to play gatekeeper, IT gains back hours in their day to focus on projects that can impact the company’s bottom line. Added perk: they’re available when an urgent IT need arises. In addition, according to an Entrust survey, 97% of employees report increased productivity when allowed to use their preferred apps and tech.

What Are the Shadow IT Risks?

Employee purchases account for 3% of SaaS spend at the average organization, and these expensed apps rarely receive the same risk assessment and vetting as IT-sourced tools, leaving companies exposed to certain risks. Learn more about shadow IT cons.

Increases Costs

When employees purchase SaaS ad hoc, it leads to duplicate purchases and mischaracterized software. Acquiring more licenses for a specific tool under an enterprise agreement strengthens negotiation power and opens the door for better terms. Apps often auto-renew, and companies can’t prepare for those fees when the software flies under the radar.

Opens Organizations Up to Data Breaches

With shadow IT, employees input business data into self-purchased apps. These apps aren’t vetted by IT or integrated into user-based security processes, putting companies at risk for data breaches. In fact, expensed apps, or shadow IT, are often the riskiest. Our data shows that 59% of expensed apps have a "Poor" or "Low" risk score per Netskope's Cloud Confidence Index.

Data breaches happen even with the most reputable tools. According to IBM's Cost of a Data Breach Report, nearly half of data breaches occur due to human error or system glitches rather than out of malice.

Decreases compliance with data and privacy regulations

Teams using unvetted SaaS face serious risk of costly Health Insurance Portability and Accountability Act (HIPAA) and General Data Protection Regulation (GDPR) violations.[zylo_cta id="16363"]

How to Weigh Shadow IT Pros and Cons

As outlined above, shadow IT isn’t inherently good or bad. An organization’s SaaS governance framework (centralized via an IT team, decentralized, or somewhere in between) is usually an indicator of how it views shadow IT. When creating a SaaS governance framework, companies must consider their risk aversion, desire for innovation, culture, IT capacity, and overall budget. Organizations that adhere to HIPAA face heightened risk, for example. They then should follow these steps:

• Identify and monitor existing SaaS inventory.
• Build a process to manage and control SaaS acquisition.
• Rationalize the application portfolio.

To balance shadow IT pros and cons, consider a freedom within a framework approach. It requires collaboration across departments to establish, and then empowers employees to choose apps they know and love within specific guidelines set by IT. A SaaS Management platform helps implement this framework to manage sprawl and enhance the employee experience.Need help finding out what’s right for your business? Take the quiz in our Freedom within a Framework ebook.