Last week, a friend of mine who was working on a PowerPoint deck wanted to share what he’d done with the group. He works for a forward-thinking organisation who has deployed office 365, and so he thought nothing of uploading the document to SharePoint and giving us the link to access it.
In an ideal world, we would have clicked that link and after authenticating we would have his masterpiece on our screens ready to critic. Is that what happened though? No, not even close.
After receiving the link, I gave it a click. It asked for my email address, which I entered. I then had to enter an 8 digit code that had been emailed me, and then I was asked to authenticate. After all of that, I was thrown an error: “external sharing isn’t enabled”.
We were dead in the water. Tim still wanted to share that PowerPoint with us, but his tools had let him down. It was time to open the door to Shadow IT.
Pause for a moment and have a think about the last time you were prevented from doing something – anything. Did you give up, or did you try and go about it another way?
Chances are that if you HAD to do this thing, you’d have kept plugging away at different solutions until you found one that worked. And how about next time this happens? Will you give that process that didn’t work the first time another go, or resort to your tried and true method?
This was the first time Tim had tried to share a document externally within his org and it had failed. “No worries, I’ll just send it via Facebook messenger”. Sure. I mean, it worked without any issues.
Did Tim waste time contacting IT, raising a ticket, waiting for approval, waiting for the change and then resent his document? Of course not. We needed this document now, so Tim worked around the problem and solved it himself with another tool.
There’s a very good chance that shadow IT is operating within your environment right now.
It could be something as simple as end users using WhatsApp to voice call each other whilst travelling for work, or it could be something physical like a wireless access point or a desk phone registered to a VOIP provider.
It’s presence means that at some point in time, someone tried to do something with the tools provided by IT, but couldn’t and so found a workaround.
The problem with Shadow IT
The moment a user steps outside your IT environment, IT loses.
Take Tim’s example of sharing a file via Facebook messenger. There’s no control over where this document could end up once it leaves his PC.
There’s no audit trail on who accessed the file and when, there’s no way to revoke access to the file or control versioning.
Even worse, if several people make changes to this file at the same time, merging those changes will be a nightmare.
Why don’t we just block Facebook messenger then?
Sure, that’ll solve this problem. Users will find a way around it though.
Dropbox, Google drive, OneDrive, slideshare, USB, heck – taking photos of each slide with their phones and sending them via an SMS.
If you put barriers in the way of user productivity, they’ll find a way around them.
So what’s the answer?
Ask yourself why you’ve turned external sharing in SharePoint off. Are you afraid of data leaks? Is there a lack of understanding in how sharing works?
User education is a critical component here in ensuring everyone understands how external sharing works, and the controls available to them.
To compliment this, third party tools like ShareGate allow administrators to view all currently shared files across SharePoint within a single dashboard.
Microsoft have an excellent document on exactly how sharing works within Office 365.
You can read that document here: https://docs.microsoft.com/en-us/sharepoint/external-sharing-overview
What are your thoughts on enabling external sharing?