Three shadows, one blind spot
It helps to name the three forms this takes, because each one behaves a little differently.
Shadow IT is the original version. It is the hardware, software, and services bought and used without the knowledge or approval of IT.
Shadow SaaS is its modern cousin. Cloud and software subscriptions alike are easy to sign up for, easy to expense, and easy to forget – even if they differ in exactly how they are bought, owned, and renewed
Gartner research finds that IT is typically aware of only about one third of the SaaS applications in use, because ownership is spread across teams rather than held centrally.2
Shadow AI is the newest and the fastest moving. AI and generative AI tools are being adopted faster than security, finance, or IT can put guardrails around them. Flexera found that tracking or adopting new AI applications is now the top combined challenge for the people who manage technology, cited by 84 percent of respondents. Yet only 31 percent say they have visibility into AI usage today, even though 47 percent plan to increase their focus on it. And unlike a fixed subscription, AI now has a meter that runs on tokens, so the cost moves with every use. That gap between adoption and oversight is the heart of the Shadow AI problem.
Three different shadows, but one shared blind spot: technology the business takes on faster than it can be seen, costed, or governed.
2 Gartner Market Guide for SaaS Management Platforms, December 2022: Dan Wilson, Jaswant Kalay, Tom Cipolla, Joe Mariamo.