We've published a great eBook that guides MSPs to combat shadow IT. Shadow IT is software or hardware that circumvents established IT practices and services. Usually, it is the result of employees or teams creating workarounds or using alternative solutions meant to improve their efficiency, productivity, or experience.
This is so important ... not just from a security perspective, but for serious IT management and operational purposes. My team (past life) inventoried PCs that were a bit long in the tooth and deserving of upgrades such as SSDs and RAM. Not every PC had to be replaced; just able to run Windows 10 (Windows 7's EoL prompted all of this). We uncovered an ancient FileMaker Pro database that the QC team had rigged together and been self-managing. Nothing was documented, it wasn't backed up, and it wasn't even supported. We could have wiped it out.
The database contained vital information that needed to be retained for ISO compliance. Guess what happens to a manufacturing company that's in non-compliance with ISO? You could potentially be shut down. My team ended up having to buy several old copies of FileMaker just to get to a supported version as well as backing up the db.
Other examples I've encountered:
- Cheap L1 switches that degraded a CAT6 network and made a VoIP implementation that much harder
- CAD engineers using rogue remote access software
- Support engineers who bought software to collaborate in absence of a CRM system
My MSP didn't pick up on any of this. Imagine how happy your clients will be when you do. I'd have been very appreciative of a partner who saved me the trouble. Turnaround is a pressing issue with MSPs, and being diligent about Shadow IT will make you the most trusted advisor ... not just a commoditiy service provider.