Swathes of employees are using cloud-based software-as-a-service (SaaS) applications without the consent or knowledge of the IT departments, according to research.
A study conducted by Stratecast (a division of analyst house Frost & Sullivan) on behalf of antivirus company McAfee interviewed more than 600 IT and business decision makers in North America, the UK, Australia and New Zealand from companies with between 1,000 and 10,000 employees.
It found that more than 80% of survey respondents 'fessed up to using non-approved SaaS applications in the workplace, with Microsoft Office 365 ranking as the top non-approved service having being used by 9% of respondents. It was closely followed by rival cloud-based productivity suite Zoho (8%), LinkedIn (7%) and Facebook (7%).
In the dark
Almost half (44%) of respondents said they were familiar with non-approved SaaS apps and were more comfortable with using them as a result.
A third (33%) of respondents said they use them because the IT approval process is "too slow or cumbersome", and 23% said that it suited their needs more than their IT-approved equivalent.
Overall, McAfee found that nearly 35% of all SaaS applications used within enterprises are non-approved and contribute to so-called "Shadow IT", which it defines as "the use of technology within an organisation neither approved by the IT department nor obtained according to IT policies".
In a statement, Lynda Stradtmueller, program director of Cloud Computing analysis at Stratecast, said that the use of non-IT approved SaaS apps can lead to risks associated with security, compliance and availability.
She said: "Without appropriate knowledge, non-technical employees may choose SaaS providers or configurations that do not measure up to corporate standards for data protection and encryption. They may not realize that their use of such applications may violate regulations concerning handling and storage of private customer data, leaving the company liable for breaches."
Frost & Sullivan estimates that the overall SaaS market in North America will expand in value to reach $23.5 billion. The market for security-based cloud services is also set to boom, according to analyst house Gartner, which predicts that the cloud-based security services market will be worth $2.1 billion in 2013, rising to $3.1 billion in 2015.