[2] While it can promote innovation and productivity, shadow IT introduces security risks and compliance concerns, especially when such systems are not aligned with corporate governance.
[4] In some cases, IT specialists could be recruited or software solutions procured outside of the centralized IT department, sometimes without the knowledge, or approval of corporate governance channels.
Although often perceived as attempts to undermine corporate governance, the existence of shadow IT often is an indicator of needs from individual departments not being satisfied from a centrally managed information ecosystem.
As a notable exception, The Boeing Company has published an experience report[1] describing the number of shadow applications which various departments have introduced to work around the limitations of their official information system.
[11] A 2012 French survey [12] of 129 IT managers revealed some examples of shadow IT : Examples of these unofficial data flows include USB flash drives or other portable data storage devices, instant messaging software, Gmail or other online e-mail services, Google Docs or other online document sharing and Skype or other online VOIP software—and other less straightforward products: self-developed Access databases and self-developed Excel spreadsheets and macros.