The need for digital solutions continues to increase. But with programmer talent shortages and increased costs, it’s not always easy for businesses to quickly onboard new solutions.

Still, employees feel the pressure. They need ways to quickly do their job to meet KPIs, sales goals, and customer demands.

As a result, they lean on unapproved software solutions (known as shadow IT).

How prevalent is shadow IT? What impact do those solutions have on your business? What are the costs and risks?

We flesh out the facts as we review 45 critical statistics about shadow IT and the future of technology in business.

Let’s dive in.

How Much Can Shadow IT Cost Your Business?

Shadow IT costs businesses a lot of money. From out-of-control IT spending, to duplicate licenses to security breaches, ignoring IT protocol can lead to excessive waste.

Shadow IT is 30% - 40% of IT spending in large enterprises

Gartner found that shadow IT is between 30% and 40% of IT spending in enterprise organizations. And Everest Group predicts that it accounts for up to 50% of IT spending.

The average company wastes $135,000 on unnecessary SaaS tools

SaaS waste is prevalent among businesses. The average company spends $135,000 a year on unnecessary software licenses.

The average cost of a data breach is $4.35 million

The Cost of a Data Breach Report 2022 found that the average cost of a data breach is around $4.35 million. And that 60% of data breaches drive increased prices, which are passed onto consumers.

Security Concerns with Shadow IT

Shadow IT is still prevalent.

Despite growing concerns and data showing the need to tighten up the adoption of technology in organizations, IT departments continue to fight a losing battle.

83% of organizations have experienced more than one data breach

IBM conducted a report where 83% of the respondents had suffered more than one data breach in their company’s lifetime.

45% of data breaches happen in the cloud

IBM also found that 45% of the companies researched had cloud-based data breaches. And data breaches in the public cloud cost more than those in a hybrid business model.

Gartner estimated in a 2020 report that one-third of all successful cyber attacks will be on data stored in shadow IT infrastructure.

79% of IT leaders feel data security is the main concern

79% of IT professionals believe that using shadow IT puts company data at risk. These platforms have not been vetted to ensure they can adequately protect sensitive customer and business data.

59% of IT professionals struggle with SaaS Sprawl

In a 2023 report from BetterCloud, 59% of IT professionals of 743 surveyed said they struggle to manage SaaS applications. Respondents also stated that 65% of all SaaS apps aren’t approved by IT.

SasS sprawl is a growing concern, with 68% of IT professionals stating that they removed unnecessary apps within the last year.

77% of IT Professionals feel that shadow IT will become a major issue

Shadow IT will become a major concern for organizations if management doesn’t take action, according to 77% of IT professionals.

And over 37% stated that their organizations do not have consequences for team members who violate IT policies and use unapproved apps.

Only 12% of IT professionals follow up with approval requests

IT teams are overwhelmed with a growing ticket backlog, resulting in only 12% of IT departments following up with requests for new technologies from staff.

91% of IT teams feel pressured to compromise security

The pressure for IT teams to embrace shadow IT is real.

In a survey from HP Wolf Security, 91% of respondents felt pressured by team members to compromise cyber security if it improved business operations. And 50% felt “significant pressure”.

83% of IT teams say enforcing cyber security policies is impossible

Enforcing corporate cyber security policies is a necessary, but frustrating job. And it’s even harder now that more companies embrace remote work.

80% of IT professionals experience pushback from team members who don’t want to deal with controls while working at home.

Even worse, 83% of IT teams feel that it’s impossible to enforce cyber security with personal and professional lives blurred due to remote work.

69% of IT executives feel that shadow IT is a top concern

The 2022 SaaS Visibility and Impact Report stated that 69% of IT executives feel that shadow IT is a major concern for SaaS and cloud adoption.

SaaS sprawl has triggered numerous exceptions to existing IT policies, with 80% of respondents admitting that they make exceptions to existing SaaS security protocols.

Reducing shadow IT can support cost-reduction strategies while keeping critical business data safe.

But it becomes harder to stop once you realize how prevalent it is…

Who Uses Shadow IT and Why?

Shadow IT is less nefarious than you might think. Most of the time, it happens when employees and business leaders use unapproved tools (that they prefer) to do everyday tasks.

It’s not about being defiant. Most of the time, employees just want to get work done.

42% of team members use email accounts not approved by IT teams

In 2020, 42% of respondents said they used unapproved, personal email addresses for work-related purposes. And 38% of employees use unapproved personal messenger platforms to discuss work-related matters.

The other online services where shadow IT occurs are: video conferencing (35%), file storage services (35%), collaboration tools (27%), and file transfer/sharing services (21%).

58% of IT managers use unapproved tools

IT managers are not immune to shadow IT.

In fact, 58% of them use unapproved tools for collaborating and communicating with other team members. On the other hand, only 28% of employees used these types of unsanctioned tools.

53% of departments refuse to use IT-approved tools

Research found that more than half of teams (53%) did not want IT teams suggesting tools for them to use. In fact, 82% of IT professionals have experienced issues with teams when they suggest new tools.

IT often succeeds in getting teams to adopt sanctioned tools (around 63% of the time). Still, team members continue to use tools without approval 13% of the time.

65% of experienced remote workers use shadow IT

65% of employees who worked remotely before the pandemic use some form of shadow IT presently.

This is significantly higher than those who started working remotely after the pandemic. Only 31% of those workers admit to using shadow IT.

Only 15% of Baby Boomers use shadow IT

Millennials are most likely to use shadow IT (54%). On the other hand, Gen X (38%) and Gen Z (33%) are less likely to use unapproved technology at work.

Baby Boomers use shadow IT the least (15%).

Shadow IT appears to be decreasing from 40% to 32%

While numerous employees still use unapproved technology, shadow IT appears to be decreasing. In 2021, use was 40% compared to 32% in 2022.

58% of employees aren’t satisfied with existing tools

Despite businesses expanding their investment technology and SaaS platforms, only 42% of employees are completely satisfied with their employer’s tools.

While this is up from 39% in 2021, there is still much room for improvement.

Baby boomers are more likely to approve of tools. But Millennials (40%) and Gen Zers (63%) feel that these tools are unreliable, broken, and frustrating to use.

They also feel they don’t integrate well with existing systems.

Why Is Shadow IT on the Rise?

Shadow IT isn’t a new concept. But, with the growing need and prevalence of technical solutions, employees are increasingly likely to adopt unapproved tools.

61% of employees aren’t satisfied with existing technologies

61% of employees aren’t satisfied with the tech stack at their jobs. They find these tools to be buggy, unreliable, and unable to integrate with the existing systems.

Despite 85% of employees believing that their business monitors their activity, they still rely on unsanctioned tools.

77% of IT professionals see value in embracing shadow IT

Of 1,000 IT professionals surveyed, 77% believed there would be benefits to embracing shadow IT.


Because there are a lot of tools out there that can improve employee productivity and efficiency.

By automating menial tasks and integrating systems, teams can gain data insights and the time they need to solve strategic problems.

But do you have to embrace shadow IT?

Not exactly.

If you’re skeptical about embracing shadow IT, there is another option.

How to Reduce Shadow IT with Citizen Development

With increasing demands, longer IT approval times, and more applications on the market, employees will continue to adopt new tools to meet the needs of their jobs.

The only way to shift businesses away from shadow IT is to speed up the development of custom solutions that streamline workflows.

And that’s exactly what low-code platforms and citizen development deliver.

Citizen development is the democratization of software development using low-code and no-code technologies. It allows employees to quickly build solutions using visual interfaces.

These platforms empower employees by giving them the tools they need to build the exact solution to their problems. As a result, businesses can reduce shadow IT with citizen development and low-code technology.

The challenge is standing up to these citizen development programs and providing the proper framework and governance. And that’s where citizen development consultants can provide support.

Quandary Consulting Group works with businesses of all sizes to help them launch citizen development programs. From training team members to providing resources and governance, we’re here to help.

Need more information? Reach out today!