The growth of IT services in K-12 schools over the last few decades is unprecedented. In reality, computers have gone from being a luxury to playing an essential part in many of a school’s day-to-day activities. School operations have gone through a lot of changes. Some have been quite subtle, but others have been pretty noticeable and disruptive (thanks COVID). This growth in K-12 IT has opened up many doors and possibilities, but not all of the doors and possibilities are overt, accounted for, or sanctioned. There has also been a growth in Shadow IT, which can create its own issues and problems down the line. To minimize this, schools and districts should exercise caution and take a proactive approach in policing their networks.
Shadow IT is the use of IT technologies and applications without the formal approval or support of an internal IT department. It usually begins with a user recognizing some shortcoming in the IT available to them and improvising their own work-around (we’ve all found programs we prefer to use and just pay for ourselves!).
In this sense it seems harmless, as users turn to Shadow IT simply to try and do their jobs better and make their lives easier. It can be as simple and seemingly harmless as downloading some software, using a cloud service, or connecting to a network with their smartphone. Some studies show that upwards of 40% of IT spending might be for Shadow IT. The problem is that Shadow IT introduces other unknowns — shadow risk.
There is no way of even knowing or quantifying all of the risks associated with Shadow IT — the potential exposures, inefficiencies, and costs are all themselves dependent on so many unknowns. The simple fact is that it puts potentially sensitive data and systems at risk for being lost, stolen, damaged, or otherwise non-compliant. Shadow IT obscures visibility and compliance while adding vulnerability.
First and foremost, schools need to have clear policies on proper IT usage. This goes for staff as well as students. Everyone in your school community should be clear about what is authorized and what is prohibited, with little room for misinterpretation.
“We never thought of that” simply can’t be something anyone in IT will say. Shadow IT comes up from simple improvisations — in which users see no harm. Because of this, it’s necessary for IT departments to streamline and continually broadcast their approval, governance, and inventory processes.
Steps to Discover and Mitigate Shadow IT
Beyond simple communication, the IT departments in K-12 districts should work on methods of discovering and mitigating Shadow IT. There are technological solutions that help monitor network and device usage for anomalies.
Anything out of the ordinary will be discovered and alert IT staff so that they can intervene. Another good option is for IT departments to maintain close communication with Accounting and Purchasing. This way they can monitor purchases that seem harmless but are not sanctioned..
IT Departments have their work cut out for them but here at Script, we can at least offer some assistance. Our paperless solutions can easily assist schools and districts in securing and streamlining their IT documentation and processes. Schedule an introduction and we can walk you through the potential solutions. You’ll be breathing easier in no time.
Want to learn more? We'd love to hear from you. Send us your information, and we'll reach out to you as soon as possible.