More than 80 percent use non-approved SaaS applications in their jobs, said a McAfee study conducted by Stratecast, a division of Frost & Sullivan.
Furthermore, IT employees use a higher number of non-approved SaaS applications than other company employees.
Frost & Sullivan estimates that the overall SaaS market in North America alone will grow at a rate of 16 percent CAGR, reaching a market value of $23.5 billion by 2017.
The cloud makes it relatively easy for employees to acquire and deploy SaaS applications without involving the IT department. As a result, many applications are used by corporate employees and others (such as contractors or business partners) without the participation or approval of the corporate IT department.
The McAfee survey said more than 80 percent of survey respondents admit to using non-approved SaaS applications in their jobs.
Nearly 35 percent of all SaaS applications used within the enterprise are non-approved, contributing to Shadow IT.
Microsoft Office 365 is the top unapproved SaaS application (9 percent of respondents), followed closely by Zoho (8 percent), LinkedIn (7 percent) and Facebook (7 percent).
On average, 15 percent of users have experienced a security, access, or liability event while using SaaS.
IT professionals use Shadow IT more than business users (81 percent of Line of Business users, and 83 percent of IT users).
39 percent of IT respondents use unauthorized SaaS because, it allows me to bypass IT processes, while 18 percent agreed that IT restrictions make it difficult to do my job.
“With over 80 percent of employees admitting to using non-approved SaaS in their jobs, businesses clearly need to protect themselves while still enabling access to applications that help employees be more productive,” said Pat Calhoun, general manager of network security at McAfee.
McAfee suggests that with SaaS application adoption continuing to grow, companies need to develop policies that strike the right balance between flexibility and control.
IT and business leaders need to work together to create and support policies that enable employees to use the apps they need to be productive, with controls in place to protect data and minimize corporate risk.