The technology stack is large. Empirical stack data recently shared from Zylo, a leading SaaS management platform, shows that even after a year of strict regulations, the average SMB (500 employees or less) still has 162 SaaS apps. I found out something. Medium-sized companies (500 to 2,500 employees) have 245 employees, and large companies have 650 employees.
This isn’t really surprising anymore.
Oh, and by the way, these numbers do not include:
(1) Custom apps built by the Company, including low-code or no-code platforms.
(2) Apps for personal use by employees at no cost to them. The most common examples here are mobile apps such as social media, learning, personal productivity, and creative tools.
(3) the App is used by a freelancer or hired services company, such as an agency, consultancy, or other outsourcing provider; You could say it’s not part of your tech stack, but often input/output flows between their stack and your stack, even if it’s through a manual process.
(4) No one considers the vast number of free and freemium websites used by employees to be “apps,” even though they provide useful data and functionality to run a business. Do you think Google Search is an app? Probably not. But it’s one of the largest and most sophisticated pieces of software on the planet, and there’s no question that your employees use it every day.
In other words, software is pervasive in everything. It’s difficult to know the exact number of all apps used in a company. This is because the further an app is moved away from the central IT “management” part of the technology stack, the less visibility it has.
This foggy frontier is home to Shadow IT. But the visible boundaries of IT are steadily moving outward. Previously, any app not directly managed by the IT department was considered shadow IT. Department-owned apps have now moved out of the shadows and into the sunlight, making up the largest percentage (48%) of officially managed apps within the technology stack. And they account for the majority of spending (69%).
In contrast, IT-owned apps account for only 17% of the apps in the stack and 28% of the spend.
It’s fascinating. Department-level apps, formerly known as shadow IT, have now surpassed IT in total number and spend. More than a decade ago, Gartner’s pioneering analyst Laura McLellan predicted that CMOs would spend more on technology than her CIOs. Many thought the prediction was crazy. not me.She and I jointly wrote an article harvard business review In 2014, we explained the dynamics driving that change. I think it’s safe to say that her predictive insight has been fully validated.
Who is…The Shadow?
So what is Shadow IT today? The Zylo proof stack data I’m citing here is being used outside of formal procurement and governance processes, by individual employees (perhaps on their own, perhaps We define it as an expensive app (for teams).
It is very interesting that this (redefined) shadow IT accounts for 35% of the number of apps in the technology stack, but only 3% of the spend. There are many small apps.
The assumption is that such shadow IT is as bad as trans fats. There are three main reasons:
- This can be a waste of money as it overlaps with existing licenses approved by your IT department.
- It may not be managed by IT, creating security and compliance risks.
- They can become disconnected from the stack, creating silos of data and processes.
These are all legitimate concerns. However, the first one doesn’t seem so terrible when you realize it’s only 3% of your spending. The second and her third are harder to quantify, but this goes both ways. The expected costs of these issues may be small or large, and may only become apparent over time or through stochastic “black swan” events.
But we also need to consider the other side of the equation. Why would people buy such shadow IT? Just to rebel against the empire? Do you have a SaaS subscription? Not exactly a Jedi legend.
Weigh the benefits of shadow IT
Here are the top reasons why individuals and teams adopt SaaS products outside of their company’s official technology stack: to enable them to perform better at work.
The official tech stack may not have an app that does what you need. Or maybe there is, but the way the product works is undesirable in some way. They are difficult to use, do not have adequate functionality, provide substandard output, take too long, and cost too much. Not enough training, not being enabled, etc.
I don’t have any quantitative data to prove it, but everything I’ve heard from my experience and from other people who go outside of the official stack and use other apps is the benefits in creativity, innovation, and productivity. Ha, they. It helps them get “stuff” done. It pushes the frontiers of enterprise processes and capabilities. This helps prevent stagnation of human resources and technology.
Now, that doesn’t eliminate the shortcomings. However, this comes with significant trade-offs. There are risks as well as rewards, balanced on a shadow scale, not only for the individual, but also for the company, which is ultimately the sum of the individual, the team and their influence.
In fact, one of the reasons why this kind of shadow IT is so popular is that many SaaS companies are now building their products and markets on the proposition that they offer free, freemium, or low-cost/high-revenue value. Because you’re building an engine. For individuals and teams. These prove their value in the field and scale up to formal adoption across the enterprise. This “bottom-up” product-led growth (PLG) strategy has proven to be highly effective.
Yes, this is a strategy that will benefit PLG apps. But they only realize their benefits by providing value. Consider the key factors that PLG companies value for both traditional seat-based licensing and usage-based pricing.
Build for openness and build for where your users work. Users need to be able to easily connect to existing ecosystems and workflows. Build for your end users: Make them happy and successful. Deliver product value instantly.Monetization rear You provide value.
I can see the appeal. Especially since, in the eyes of many users, large, legacy-like, enterprise-wide platforms don’t really care about their users’ well-being or personal success. Now that is changing. But frankly, things are changing as these PLG apps have created competitive pressure in the market and raised the bar for solutions across sectors and enterprises.
Another big benefit from these bottom-up PLG apps is increased utilization. People use the apps they want to use. They resist using things they don’t like. And the benefit of individual users and teams paying for their own licenses essentially out of their own budget is that the purchaser and the user are closely tied, even if they are not exactly the same people.
Is it a large enterprise-wide deal where you buy seats in bulk? I think it’s much more likely that you have unused seats piled up in that pile.
Taking this further, PLG products leaning towards usage-based pricing are driving the ultimate alignment of cost and usage. Pay only for what you use and use only what brings value.
thank you, chuck norris Shadow IT apps are meant to push these usage-based models into the competitive dynamics of the market.
Redefine and eliminate shadow IT
Still, the drawbacks remain. And compliance, security, and silos weigh on the other side of the scale. But is there a way to reduce those disadvantages without losing the advantages?
I believe it is possible.
One step is to separate technical and financial approvals for apps used by individuals and teams. This is already being done at departmental level. Marketing departments are responsible for paying for the platforms they use officially, but those platforms increasingly undergo IT reviews for security and other compliance requirements.
Extrude the model to the edge of the tissue. Any app that an individual or team wants to use must undergo a security and compliance review. But the choice to pay for that app is up to the individual or team and their ability to budget and justify its use. Don’t get me wrong, there should be pressure to justify the expense. However, for small expenses, the pressure should be closer to the individual or team, rather than to a distant department not directly related to the use case.
But will it add to the burden of reviewing a large set of apps for security and compliance? Yes. But this doesn’t have to be extreme. This could become a continuum with a larger menu of apps being approved. Not every app on the planet is like that. However, you are not limited to just one within a category. And maybe teams need to “pay” to submit new apps to that review process.
I actually think this is a great opportunity for SaaS management platforms like Zylo to offer more in-depth inspection as a service for popular apps. It can potentially accelerate or optimize your IT team’s review process.
Other ideas could include a “sandbox” structure for new apps on Edge. This allows users to try out a free or freemium app in a limited way and decide if it’s worth nominating for a review.
user teeth I’m currently experimenting with an app using this method. Most companies haven’t created a good framework to do that experimentation in a way that’s visible to IT, so it’s just hidden in the shadows.
I’m going to end this post here because I want it to be a comprehensive book on all the ways you can evolve your app management, formerly known as Shadow IT. (Hmm) But in my opinion, ignoring the good news or ignoring the rock bottom is not a sustainable strategy for companies competing in a rapidly evolving digital world.
Completely eliminate shadow IT with visibility into all your software.
And I couldn’t even reach beyond the company boundaries to the invisible tech stack with all the software-enabled service providers. This topic is for another day.