Shadow IT: the invisible risk of poor Identity & Access Management

Dylan Klümann


The silent threat within organisations

Most organisations invest heavily in firewalls, endpoint security, and network protection. Yet a significant risk often lies not within the IT department itself, but in employee work habits. Shadow IT – the use of non-approved applications and tools – is growing faster than ever, often with the best intentions, but with major consequences for security, compliance, and business continuity.

In this blog we explain:

  1. What Shadow IT is and why it arises

  2. What risks are associated with it

  3. How Joinly provides a solution

  4. How Entra ID and Active Directory play a key role in this


What is Shadow IT?

Shadow IT occurs when employees use applications or cloud services without IT department approval. Consider:

  • A Dropbox account to quickly share files

  • A Trello or Asana board for project management

  • ChatGPT or other AI tools where sensitive data is entered

  • Personal Gmail accounts to send company information

The reason is almost always practical: employees want to work faster, access user-friendly tools, or simply get their work done without bureaucratic processes. It sounds harmless, but the consequences are often significant.


Why do employees turn to Shadow IT?

Employees mainly turn to Shadow IT when official processes are too slow or when the application landscape within the organisation doesn't sufficiently meet their needs. Many tools available online feel simpler than what is offered internally. Moreover, many employees don't realise that their ‘quick solution’ simultaneously poses a security risk. Shadow IT is therefore rarely the result of malicious behaviour, but rather of efficiency and frustration.

It is rarely about malicious behaviour, but about frustration or efficiency.


The risks of Shadow IT

The risks arising from this are diverse. Sensitive information may end up in unsecured applications, potentially leading to data breaches. For organisations that must comply with standards like ISO 27001 or GDPR, Shadow IT presents significant challenges because it is unclear where data resides. The lack of monitoring and logging also complicates audits and incident response. Furthermore, former employees might still have access to personally chosen tools that were never included in the official account system. Add to that the fact that uncontrolled subscriptions quickly drive up costs, and the picture of Shadow IT's impact is complete.


Joinly as a response to Shadow IT

The solution is not to ban tools or punish employees. Shadow IT is a symptom of a lack of good Identity & Access Management. IAM can steer employee behaviour positively. It works as follows:

  1. HR-driven provisioning

    New employees automatically receive the correct access rights from day one, based on their role. No more frustration due to missing tools.

  2. Single Sign-On (SSO)

    Direct access to all approved applications with one set of login credentials. This makes the user experience comparable to the ‘quick solution’ of Shadow IT.

  3. Self-service access

    Employees can request additional applications themselves through a controlled workflow. Access is automatically approved and set up, without administrative hassle.

  4. Automatic deprovisioning

    When someone leaves, all rights are immediately withdrawn. This prevents former employees from maintaining access to systems.


The role of Entra ID and Active Directory

Many organisations still use Active Directory (AD) as the backbone of their identity management. AD is strong in on-premises environments but less suited to the cloud world. This is where Microsoft Entra ID (formerly Azure AD) comes into play.

Active Directory (AD)

  • Suitable for on-premises networks

  • Manages traditional accounts, printers, servers, and workstations

  • Strong in Windows environments

Entra ID

  • Designed for cloud and hybrid work setups

  • Supports thousands of SaaS applications (Microsoft 365, Salesforce, etc.)

  • Offers advanced features such as Conditional Access and Identity Governance

The strength lies in the combination: organisations that cleverly integrate AD and Entra ID gain a unified overview of identities, both on-premises and in the cloud. This reduces the likelihood of employees turning to external tools.


Real-world example

A new employee starts at an organisation. Without IAM, it takes days before he has access to the HR application, the CRM system, and the internal knowledge base. Out of frustration, he starts storing documents in his personal Google Drive and uses a free trial of Slack to communicate with colleagues.

With Joinly it’s very different: the HR system automatically creates an account, Joinly links this to AD and Entra ID, and within minutes the employee has access to everything he needs via SSO. Access to other applications is set up via RBAC or ABAC. A detailed explanation of what this entails can be found here: https://joinly.app/blog/rbac-vs-abac-who-gets-the-key-to-your-digital-home

Result: no Shadow IT, higher productivity, and a safe working environment.
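The four-step flow described under "Joinly as a response to Shadow IT" and the example above boil down to one reconciliation: derive the access each person should have from the HR record and their role, compare it with what the applications actually hold, and turn the difference into grants (joiners), revocations (leavers and role changes) and a list of accounts that match no HR identity at all. The following is an added illustration, not Joinly's code; the roster, the role-to-app mapping and the app account lists are constructed sample data.

```python
# Added example (not Joinly's code): a toy model of the HR-driven
# provisioning / deprovisioning flow described above. The roster, the
# role-to-app mapping and the app account lists are constructed sample data;
# in practice the last would come from the identity provider's audit view.
from dataclasses import dataclass

# Constructed role entitlements: which approved apps each role gets (RBAC).
ROLE_APPS = {
    "sales": {"crm", "hr-portal", "wiki"},
    "engineer": {"git", "hr-portal", "wiki"},
}

@dataclass(frozen=True)
class Employee:
    uid: str
    role: str
    active: bool  # False once HR marks the person as a leaver

def desired_access(roster):
    """Map each app to the uids that should hold an account, from HR data."""
    desired = {}
    for emp in roster:
        if not emp.active:
            continue  # leavers get nothing: this is what drives deprovisioning
        for app in ROLE_APPS.get(emp.role, set()):
            desired.setdefault(app, set()).add(emp.uid)
    return desired

def reconcile(roster, actual):
    """Compare HR-derived access with what each app actually holds.

    actual: {app: set of uids with an account today}
    grant  -> accounts to create (joiners, role changes)
    revoke -> accounts to remove (leavers, role changes)
    orphan -> accounts with no HR identity at all: unmanaged access to audit
    """
    known = {emp.uid for emp in roster}
    desired = desired_access(roster)
    actions = {}
    for app in set(desired) | set(actual):
        have = actual.get(app, set())
        want = desired.get(app, set())
        actions[app] = {
            "grant": sorted(want - have),
            "revoke": sorted((have - want) & known),
            "orphan": sorted(have - known),
        }
    return actions
```

Running `reconcile` on each sync cycle is what turns "someone leaves" into "all rights are immediately withdrawn"; the `orphan` list is the audit signal for accounts that were created outside the managed process.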


Conclusion

Shadow IT is not the problem, but a signal that employees are not sufficiently facilitated. Identity & Access Management makes a difference by combining convenience and security. With HR-driven provisioning, SSO, Entra ID, and AD integration you prevent employees from finding their own ways and create an environment where security and productivity go hand in hand.


👉 Want to learn how Joinly helps organisations reduce Shadow IT and simplify IAM? Contact us to schedule a demo.


Browsing is free

Schedule a no-obligation demo

In 30 minutes, we would love to show you how Joinly adds value for the entire organization.
