October 19, 2018

Cyber Security Awareness Month: Week 4 – Shadow IT

BCIT IT services provides tools and services to keep our information safe. When users use technology solutions that are unsupported it could put BCIT at risk.

What is Shadow IT?

Shadow IT is “the use of IT-related hardware or software by a department or individual without the knowledge of the IT or security group within the organization” (Cisco, 2018). The most common type of shadow IT in an organization is using unsupported cloud based services.

Services like Dropbox and Google Drive are used by millions of people because they are easy to use and familiar, but are these services supported in your organization? At BCIT the answer is no, which is why we encourage all users to use ShareFile. Our ShareFile service keeps all files onsite here at BCIT in our datacentre. This protects our data and ensures we are following BC’s privacy laws.

Why is Shadow IT important?

In 2016, Gartner, an IT research company concluded that “By 2020, a third of successful attacks experienced by enterprises will be on their shadow IT resources” (Panetta, 2016). This means the less prevalent shadow IT is used at BCIT, our chances of becoming a target of a malicious cyber-attack is reduced.

At BCIT, according to Policy 3502, all users are required to take appropriate measures to prevent loss, damage, abuse, or unauthorized access to information assets under their control.

How Can I help?

BCIT is committed to taking appropriate measures to preserve the confidentiality, integrity, and availability of information and information technology (IT). All users at BCIT are responsible for:


Cisco. (2018, 10 19). What is Shadow IT? Retrieved from Cisco Security: https://www.cisco.com/c/en/us/products/security/what-is-shadow-it.html

Panetta, K. (2016, June 15). Gartner’s Top 10 Security Predictions 2016. Retrieved from Gartner: https://www.gartner.com/smarterwithgartner/top-10-security-predictions-2016/?cm_mmc=social-_-rm-_-gart-_-swg