{"id":7493,"date":"2024-04-18T09:00:00","date_gmt":"2024-04-18T09:00:00","guid":{"rendered":"https:\/\/www.securitytoday.de\/2026\/04\/02\/post_id-5002\/"},"modified":"2026-05-10T19:05:38","modified_gmt":"2026-05-10T19:05:38","slug":"shadow-it-in-the-enterprise-when-marketing-teams-set-up-their-own-servers","status":"publish","type":"post","link":"https:\/\/www.securitytoday.de\/en\/2024\/04\/18\/shadow-it-in-the-enterprise-when-marketing-teams-set-up-their-own-servers\/","title":{"rendered":"Shadow IT in the Enterprise: When Marketing Teams Set Up Their Own Servers"},"content":{"rendered":"<p><strong>A marketing manager books a web server, installs WordPress, and goes live with a landing page  &#8211;  without IT, without a security review. Shadow IT is the most underestimated security risk  &#8211;  and it grows with every no-code platform.<\/strong><\/p>\n<h2>TL;DR<\/h2>\n<ul>\n<li>Over 40 percent of IT spending bypasses the IT department<\/li>\n<li>Shadow IT systems have no patches, no monitoring, no backups<\/li>\n<li>The GDPR makes shadow IT a compliance risk<\/li>\n<li>Governance works better than prohibition<\/li>\n<\/ul>\n<h2>Why Shadow IT is Booming<\/h2>\n<p>IT takes six weeks. AWS takes six minutes. No-code platforms like Webflow and Zapier are fueling the trend.<\/p>\n<h2>Real Risks<\/h2>\n<p><strong>Unpatched Systems:<\/strong> WordPress without maintenance = open door after six months.<\/p>\n<p><strong>Data Protection:<\/strong> Customer data in Google Sheets without an AVV = GDPR violation.<\/p>\n<p><strong>Credentials:<\/strong> Every shadow system has its own logins  &#8211;  without SSO, without MFA.<\/p>\n<h2>The CDO as Bridge Builder<\/h2>\n<p>Self-service platforms with hardened environments, vetted SaaS catalogs, regular audits as inventory.<\/p>\n<h2>Conclusion<\/h2>\n<p>Shadow IT disappears when official IT is faster than the workaround.<\/p>\n<h2>Key Facts<\/h2>\n<p><strong>Scope:<\/strong> Large enterprises use 1,200+ cloud services  &#8211;  IT knows less than 30 percent (Gartner).<\/p>\n<p><strong>Costs:<\/strong> 30-40 percent higher total costs due to redundancies and incidents.<\/p>\n<h2>Frequently Asked Questions<\/h2>\n<h3>How do I find shadow IT?<\/h3>\n<p>CASB tools, credit card analysis, anonymous employee survey.<\/p>\n<h3>Should I completely ban it?<\/h3>\n<p>No  &#8211;  it only drives usage underground.<\/p>\n<h3>Who is responsible?<\/h3>\n<p>Department for data, IT for technology, CDO for governance.<\/p>\n<h2>Related Articles<\/h2>\n<ul>\n<li><a href=\"https:\/\/www.securitytoday.de\/en\/2026\/03\/05\/post_id-3819\/\">DsiN Annual Congress 2026: Digital Security in the Connected Society<\/a><\/li>\n<li><a href=\"https:\/\/www.securitytoday.de\/en\/2026\/02\/24\/post_id-3529\/\">Multi-Cloud Security 2026: The 5 Biggest Risks and How to Solve Them<\/a><\/li>\n<li><a href=\"https:\/\/www.securitytoday.de\/en\/2026\/02\/20\/post_id-3839\/\">Cybersecurity 2030: Five Predictions for the Next Decade of IT Security<\/a><\/li>\n<\/ul>\n<h3>More from the MBF Media Network<\/h3>\n<ul>\n<li><a href=\"https:\/\/www.cloudmagazin.com\" target=\"_blank\" rel=\"noopener\">Cloud Trends on cloudmagazin.com<\/a><\/li>\n<li><a href=\"https:\/\/www.digital-chiefs.de\" target=\"_blank\" rel=\"noopener\">IT Strategies on digital-chiefs.de<\/a><\/li>\n<\/ul>\n<p style=\"text-align: right; font-size: 0.85em; color: #888; margin-top: 2em;\"><em>Header Image Source: Pexels<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"A marketing manager books a web server, installs WordPress, and goes live with a landing page &#8211; without IT, without a security review. Shadow IT is the most underestimated security risk &#8211; and it grows with every no-code platform. TL;DR Over 40 percent of IT spending bypasses the IT department Shadow IT systems have no [&hellip;]","protected":false},"author":10,"featured_media":5004,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_yoast_wpseo_focuskw":"shadow it","_yoast_wpseo_title":"Shadow IT in the Enterprise: When Marketing Teams Set Up Their Own Servers","_yoast_wpseo_metadesc":"Shadow IT security risks: Protect your enterprise from unauthorized servers and data breaches. Discover how to regain control\u2014learn more now.","_yoast_wpseo_meta-robots-noindex":"","_yoast_wpseo_meta-robots-nofollow":"","_yoast_wpseo_meta-robots-adv":"","_yoast_wpseo_canonical":"","_yoast_wpseo_opengraph-title":"","_yoast_wpseo_opengraph-description":"","_yoast_wpseo_opengraph-image":"","_yoast_wpseo_opengraph-image-id":0,"_yoast_wpseo_twitter-title":"","_yoast_wpseo_twitter-description":"","_yoast_wpseo_twitter-image":"","_yoast_wpseo_twitter-image-id":0,"_evm_translation_lang":"","featured_post":0,"featured_post_sortierung":0,"_wp_old_slug":["post_id-5002"],"footnotes":""},"categories":[251],"tags":[245],"class_list":["post-7493","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-compliance"],"evm_reading_time_minutes":2,"wpml_language":"en","wpml_translation_of":5002,"_links":{"self":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/7493","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/comments?post=7493"}],"version-history":[{"count":3,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/7493\/revisions"}],"predecessor-version":[{"id":10107,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/7493\/revisions\/10107"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/media\/5004"}],"wp:attachment":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/media?parent=7493"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/categories?post=7493"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/tags?post=7493"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}