The Financial Impact of Shadow IT

The gap between the business and the traditional IT department is widening. With ever-increasing pressure to perform, employees, frustrated by rigid organizational structures, are circumventing the CIO organization to achieve their own IT outcomes. 

This is known as “Shadow IT.” 

Shadow IT is not a new concept. IT departments have despaired for many years at staff and departments who download and install their own software to get the job done. The recent explosion in Shadow IT, though, has been dramatic because of the rise of SaaS applications.

It occurs most often when employees or teams decide they need to use a file-sharing application, social media platform, or collaboration tool that is not required for the entire company. For example, a marketing team may decide to use Dropbox or Box for file-sharing, without telling the IT department. 

CEB estimates that 40% of all IT spending at a company occurs outside the IT department. Of course, the costs of Shadow IT go far beyond license costs. A recent study from EMC suggests that data loss and downtime cost a total of $1.7 trillion each year.

To better help you understand the financial impact of Shadow IT, here are all the different ways that Shadow IT can cost your organization. 

Security and Data Breaches

We’ve written before about the top Shadow IT security risks in 2020. Two of the dangers we outlined were ransomware attacks and data breaches.

The average cost of ransomware attacks in the fourth quarter of 2019 reached $84,116 – reflecting a staggering 104% increase from $41,198 in Q4 2018, a report from cyber incident response firm Coveware has found.

That’s just a ransomware attack. In the US, a data breach costs a company on average $8.19 million, an increase from $7.91 million in 2018, and more than twice the global average. The cost per breached record, $242, is steeper too. 

Unused Software Licenses

According to a study from 1E, US organizations wasted $30 billion—yes, billion—on unused software over four years.

1E’s study focused on the US and UK, and it found that approximately $34 billion in yearly licensing waste is generated. 30% of applications go entirely unused, and a further 8% are used less than once a month.

Duplicate Software Licenses

When we talk about redundancy or duplicate apps, we are considering how many different email, file sharing, sales and marketing automation, project collaboration, messaging, and other cloud capabilities are being used.

It’s easiest to illustrate the cost of this with an example. Let’s say your organization has 200 employees, with one department of 100 employees who prefer Slack over Rocketchat and another department of 100 employees who choose to use the duplicate Rocketchat app.

Your organization is paying $12,000 for 100 employees who use Slack and $24,000 per year for those who use Rocketchat. That’s $36,000 per year for 100 people to use their preferred internal communications tool.

Network Costs

There’s also the cost of providing access to all these shadow apps and services, which can result in network congestion, excessive mobile data charges and lost productivity as business users are forced to provide their own technical support. We can lump all of these costs under the umbrella of “network costs.”


Potential Fines

The existence of Shadow IT should be a prime concern to all companies looking to become GDPR compliant, as it endangers the security of sensitive data protected under the new legislation.

Organizations found to be violating the core principles of the GDPR can incur fines of up to €20 million or 4% of global annual turnover for the preceding financial year, whichever is greater.

The list of costs goes far beyond the five listed above. Usually, business teams won’t have the capability to run new services from an operational perspective and will look to pass them to IT. 



Uncovering and eventually eliminating Shadow IT will, for most organizations, be a long and painstaking process. But it is one they must embrace and execute as thoroughly as possible. Only then can the risks and costs outlined above be eliminated permanently.

Derik Belair

As President and CEO, Derik leads the vision, strategy and growth of Augmentt. Prior to founding Augmentt, Derik was the Vice President at SolarWinds, leading the digital marketing strategy for SolarWinds’ Cloud division. Derik has been working in the channel for over 20 years, starting his career as a channel sales rep at Corel Corp. and eventually becoming the first employee at N-able Technologies in April of 2000.