New Torii Study Reveals 69% of Tech Executives Say Shadow IT is Top Security Concern
Torii “2022 SaaS Visibility and Impact Report” finds majority of organizations playing SaaS security catch-up, urgent need to de-risk SaaS growth
New York, NY – April 20, 2022 – Torii, the #1 Automated SaaS Management Platform (SMP), today announced its 2022 SaaS Visibility and Impact Report, revealing that 69% of tech executives believe shadow IT is a top concern related to SaaS – or cloud application – adoption. The majority of respondents have made exceptions to their SaaS security protocols, with 80% doing so because the applications were adopted outside IT’s purview. To combat these and other SaaS sprawl concerns, 64% are evaluating or planning to deploy SaaS management tools.
“The new reality of distributed and remote work has driven Shadow IT to a whole new level, empowering employees to provision and manage their own cloud applications. While that’s allowed teams to innovate faster, it’s also led to increased security risk and a complete breakdown of old tools and methods for managing it. They weren’t designed for SaaS and the Shadow IT explosion, and simply cannot keep up,” said Uri Haramati, CEO and co-founder of Torii. “SaaS warrants a completely new approach. Businesses are beginning to realize this and take more effective measures for managing their SaaS stack and mitigating the risks.”
Key findings from the 2022 Torii SaaS Visibility and Impact Report include:
The pandemic accelerated SaaS adoption
Over half (54%) of respondents report their company’s leadership views technology differently now than before the COVID-19 pandemic. Respondents shared that the pandemic increased SaaS tool adoption (53%) – and with that, security risk (32%) – and drove more of a security focus within their organizations (26%).
SaaS app visibility and security risks are top of mind
The biggest security-related concerns among tech executives include shadow IT (69%), offboarding employees from applications (59%), and remote workers exposing data (56%).
Shadow IT are applications that are part of a company’s tech stack but aren’t known to, or therefore, sanctioned by, IT or security teams. Because of this, they can expose companies to significant risk. And with many employees now accustomed to purchasing cloud apps themselves, Shadow IT isn’t going away anytime soon, if at all, as indicated by:
- 52% of survey respondents saying individual employees are purchasing apps without IT’s knowledge
- 36% saying the same is happening with line of business (LOB) managers
If IT and security teams have no visibility into Shadow IT applications, they have no way of protecting the data flowing through them. This becomes increasingly clear when people leave a company when former employees aren’t offboarded from Shadow IT apps – and sometimes even from sanctioned apps. This means they can still access sensitive corporate information.
Likewise, integrations can also not be ignored. With unsanctioned apps often connecting to other tools that contain company data - and vice versa - organizations run the risk of compromising this sensitive information.
Security protocols are lapsing
Adherence to security protocols has suffered. The report found that 55% of organizations have made exceptions to their protocols for SaaS applications. The reason? The vast majority (80%) say it’s because the applications were adopted outside IT’s purview.
Identify access management & single sign on aren’t sufficient
Almost all survey respondents (90%) use identity access management (IAM) or single sign-on (SSO) to reduce exposure to security threats. However, IAM and SSO tools are focused on known applications. They don’t uncover or have visibility into Shadow IT applications. This could be why companies are still wrestling with identity and access challenges.
SaaS management plans are in the works
SaaS applications will continue to dominate organizations’ tech stacks. Virtually all (94%) respondents expect the number of SaaS apps in their company to increase in the next two years.
To uncover Shadow IT and better manage their growing SaaS stack and the risks associated with it, technology executives say they plan to:
- Improve processes (69%)
- Evaluate or deploy SaaS management tools (64%)
- This is in addition to the 16% who say they already use these tools
- Increase IT headcount (50%)
Access the full report
For additional survey findings and details, access the complimentary 2022 Torii SaaS Visibility and Impact Report here.
This survey, conducted by Pulse and Torii in December ‘21 and January ‘22, polled 100 technology executives with more than 75% SaaS software within their organizations to find out how the COVID-19 pandemic has impacted their day-to-day tasks and how their organizations approach IT.
Torii is the #1 Automated SaaS Management Platform (SMP) for today’s increasingly distributed, decentralized businesses. Unlike conventional tools, Torii empowers an organization’s entire business to come together around their cloud apps and stay in perfect sync as their tech stack evolves. This accelerates innovation while eliminating millions of dollars in wasted licenses, hundreds of hours spent on manual operations, and protecting sensitive data flowing through known and Shadow IT apps. Torii’s customers include Carrier Corporation, Instacart, Bumble, Athletic Greens, Palo Alto Networks, and Payoneer. Torii is backed by leading venture capital firms including Tiger Global Management, Wing Venture Capital, Global Founders Capital, Uncork Capital, Entree Capital, and Scopus Ventures. Learn more at www.toriihq.com and follow on Twitter @Torii_hq or LinkedIn.