Optiv Cybersecurity Dictionary

What is Shadow IT?

Shadow IT, also called Stealth IT or Client IT, is hardware or software used within organizations without explicit organizational approval.


The cloud economy has made massive amounts of technology easily accessible to a huge base of corporate buyers. For example, it's now common to see smaller departments within a company — or even individuals within a company — independently procure and utilize SaaS solutions without explicit support from the IT department. Shadow IT refers to these types of technology initiatives that exist without the knowledge of the IT department. Shadow IT can introduce security risks and compliance concerns because it hasn't been officially vetted by the IT security team.

Contact Us