TL;DR: SaaS-driven shadow IT is expanding as employees adopt apps outside IT oversight, increasing data leakage, compliance exposure, and wasted spend; Zluri says 57% of IT leaders are concerned about shadow IT and 76% of employees prefer working from home. The governance problem is now identity-related as much as procurement-related, because app adoption and access are moving faster than review and control cycles.
NHIMG editorial — based on content published by Zluri: Security & Compliance, What is Shadow IT? How SaaS Apps are Driving the Next Wave of Shadow IT
By the numbers:
- 57% of IT leaders are concerned about shadow IT.
- 76% of employees say they prefer to work from home.
Questions worth separating out
Q: How should security teams control shadow IT in SaaS environments?
A: Security teams should combine discovery, ownership, and lifecycle controls.
Q: Why does SaaS sprawl create identity risk beyond software sprawl?
A: SaaS sprawl creates identity risk because each app introduces users, admins, tokens, and integrations that must be governed over time.
Q: What do organisations get wrong about employee-owned SaaS apps?
A: They often treat employee-owned tools as low-risk because procurement is small or the app looks harmless.
Practitioner guidance
- Build a shadow SaaS inventory from identity and network signals. Correlate SSO logs, OAuth grants, DNS, finance records, and browser telemetry to find apps adopted outside procurement.
- Classify app ownership by business function and access risk. Assign a named owner, data classification, and review cadence to every SaaS app that stores or processes company data.
- Tie SaaS offboarding to entitlement revocation. When a team drops a tool, remove admin roles, revoke OAuth grants, delete service accounts, and confirm data export or retention handling.
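The correlation and revocation steps above, as an added Python example that is not part of the Zluri article or this editorial: it merges constructed SSO, OAuth-consent, DNS and expense records per app domain, ranks the apps missing from a sanctioned list, and emits the revocation checklist for each. Every domain, user name, scope string and record layout here is an assumption made up for illustration.

```python
from collections import defaultdict

# Constructed sample signals (not real data). In practice they come from the
# IdP sign-in log, the OAuth consent log, DNS resolver telemetry and expenses.
SANCTIONED = {"crm.example.com"}  # apps that went through procurement
SSO_LOGS = [("alice", "crm.example.com"), ("bob", "crm.example.com")]  # (user, app)
OAUTH_GRANTS = [("alice", "notes-ai.example.net", "files.readwrite"),  # (user, app, scope)
                ("carol", "notes-ai.example.net", "mail.read")]
DNS_QUERIES = [("dave", "notes-ai.example.net"), ("erin", "survey.example.org")]
FINANCE_RECORDS = [("erin", "survey.example.org", 49.0)]  # (cardholder, merchant, amount)

def build_inventory(sso, oauth, dns, finance, sanctioned):
    """Merge every signal per app domain and keep only apps outside procurement."""
    apps = defaultdict(lambda: {"sources": set(), "users": set(),
                                "grants": set(), "spend": 0.0})
    for source, rows in (("sso", sso), ("oauth", oauth), ("dns", dns), ("finance", finance)):
        for row in rows:
            user, app = row[0], row[1]
            apps[app]["sources"].add(source)
            apps[app]["users"].add(user)
            if source == "oauth":
                apps[app]["grants"].add((user, row[2]))  # who consented, to what scope
            elif source == "finance":
                apps[app]["spend"] += row[2]  # spend that bypassed procurement review
    return {app: rec for app, rec in apps.items() if app not in sanctioned}

def risk_score(rec):
    """Rank by blast radius: write-capable OAuth grants first, then any grant,
    then expensed spend nobody reviewed, then how many people touch the app."""
    score = 50 if any(s.endswith("readwrite") for _, s in rec["grants"]) else 0
    score += 20 if rec["grants"] else 0
    score += 15 if rec["spend"] > 0 else 0
    return score + min(len(rec["users"]), 10)

def ranked_shadow_apps(inventory):
    """App domains ordered from most to least urgent for owner assignment."""
    return sorted(inventory, key=lambda a: risk_score(inventory[a]), reverse=True)

def offboarding_checklist(app, rec):
    """Entitlement revocations to confirm when a team drops the app."""
    steps = [f"revoke OAuth grant: {u} -> {app} ({s})" for u, s in sorted(rec["grants"])]
    if "sso" in rec["sources"]:
        steps.append(f"unassign {app} in the IdP and remove its admin roles")
    steps.append(f"confirm data export or retention handling for {app}")
    return steps

if __name__ == "__main__":
    inv = build_inventory(SSO_LOGS, OAUTH_GRANTS, DNS_QUERIES, FINANCE_RECORDS, SANCTIONED)
    for app in ranked_shadow_apps(inv):
        print(app, risk_score(inv[app]), sorted(inv[app]["sources"]), offboarding_checklist(app, inv[app]))
```

An app seen only in DNS with no grant and no spend still appears in the inventory, which is the point: discovery feeds the ownership step, it does not replace it.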
What's in the full article
Zluri's full article covers the practical detail this post intentionally leaves for the source:
- How the article groups SaaS apps into IT-managed, non-IT-managed, and employee-purchased categories
- Examples of shadow app adoption patterns across collaboration, productivity, and business applications
- The specific business drivers behind SaaS growth, including product-led adoption and remote work
- The article's framing of waste, compliance exposure, and decentralised governance as separate shadow IT impacts
👉 Read Zluri's analysis of how SaaS adoption is driving shadow IT →
SaaS sprawl and shadow IT: what IAM teams need to know?
Explore further
Shadow IT is an identity governance problem before it is a software discovery problem. The article treats SaaS adoption as a usage trend, but the deeper issue is that every unsanctioned app creates identities, permissions, and lifecycle obligations outside the authoritative governance process. That is why discovery alone is insufficient: the real control failure is that access can be created faster than it is classified, reviewed, or removed. Practitioners should treat shadow IT as unmanaged entitlement creation.
A few things that frame the scale:
- 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, according to The State of Non-Human Identity Security.
- Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities.
A question worth separating out:
Q: When should organisations move a SaaS app from local ownership to central governance?
A: Move it to central governance when the app handles regulated data, supports customer processes, or connects to other systems through OAuth, APIs, or service accounts. At that point, local management is no longer enough because access, revocation, and evidence requirements have outgrown informal control.
👉 Read our full editorial: Shadow IT from SaaS sprawl is widening identity governance gaps