Shadow Communications – the Shadow IT of Messaging Applications

LeapXpert Shadow IT Shadow Communications

Shadow IT has been an issue for corporates ever since IT first came out of the cabinet and into the hands of the user. Covid-19, ensuing lockdowns, remote working and the shift in the fundamental way that we live and work has led to a tangible rise in shadow IT across all sectors.

Not just employees

Shadow IT is when an individual or team set up a software or service without the approval of the organization.  Research from the Everest Group pre-Covid indicated that shadow IT comprised 50% or more of IT spending in large corporates. In fact it is estimated that up to 71% of employees use applications that are not IT approved. This accelerated and increased since the events of 2020. Core found Shadow IT exploded by 59% due to Covid-19.

Even enterprises themselves took a “act now, solve issues later” approach to non-sanctioned shadow applications and cloud solutions. They too either deployed solutions without the usual procurement that would take place in “normal times” or they turned a blind eye as employees found ways to keep the business moving, clients informed and teammates updated.

This presents some key issues – obviously, there are security and privacy risks with unauthorized applications. There are challenges with compatibility as employees deploy different solutions to similar problems. Additionally, there are issues as Shadow IT creates multiple, fragmented data repositories that are not visible to IT and therefore not connected. All this can have cost implications – some estimates place data loss and downtime caused by Shadow IT to USD1.7 trillion dollars each year. 

Messaging applications and Shadow IT

Shadow IT is not confined to just office-bound devices. Messaging applications like WhatsApp, WeChat, Signal, Telegram and LINE are a new form of Shadow IT – shadow communications. . 

As Covid-19 forced employees to find new ways to communicate, the use of messaging applications for business communication exponentially increased. Employees downloaded messaging applications or using already established personal accounts. 

These applications get installed and used on work phones and work computers as Shadow IT. Additionally employees conduct work interactions on these applications leading to a channel of conversations that is opaque to the organization. 

The reality is, however, that not all Shadow IT is bad IT. Sometimes a need drives innovation. Messaging applications like WhatsApp, WeChat and so on are great solutions for easy communications that are barrier free for clients. Both employees and clients probably already use them which makes them likely Shadow IT candidates.

Core issues

There are some specific issues with messaging applications as Shadow IT.

Governance and regulatory

Many industries have specific rules about conversations between customers/clients and employees. These conversations must be recorded, audited and maintained. This is particularly important for financial institutions. If employees download messaging applications that aren’t part of an authorized IT strategy, conversations on these apps aren’t recorded. In this case Shadow IT could have serious financial, reputational, HR and legal impacts. 

Data privacy

Data privacy is central to communication with customers, regardless of the industry. While conversations over messaging applications can be encrypted, there is no consent control. The organization has no ability to track consent and there is no unsubscribe tracking. If the client’s details are sitting on a personal phone then there could be data privacy conflicts.

Content hubs/deep smarts

Conversations with clients contain information that is vital to good business decision making. However, conversations held on messaging applications aren’t connected to corporate tools like CRMs or other content hubs. There are also limited ways to share information with teammates who may not be part of the conversation but who needs to see the output. For example, an employee may have a conversation with a customer about their buying preferences and this information is important for product marketing. Product marketing however doesn’t need to be in a group chat with the customer. Sharing this information with business-critical applications, with teammates, and with analytics tools ensures that businesses don’t create data silos. They can reap the benefits of the deep smarts the data in these conversations could deliver. 

How do organizations prevent these issues?

Shadow IT is to an extent a reality of business life. However, there are some easy solves when managing Shadow IT, especially for messaging applications and communications tools.


How an enterprise manages messaging applications is vital to ensure that they don’t lose control of conversations on these applications. Deploying a solution like LeapXpert’s Federated Messaging Orchestration Platform enables employees to use these applications to communicate with clients but from within a safe, centralized, compliant platform. Employees can communicate over multiple messaging applications from within one platform. Even collaboration tools like Microsoft Teams can be linked to ensure that your communications are streamlined. Employees get enabled, customers stay happy. Plus the enterprise maintains control of regulatory compliance, through guidelines and protocols and audits if required.


Employees will always find the easiest path of least resistance. Ensure your organization has open feedback for employees who want to deploy a solution or application. It may be that they have a valid reason. Educate employees on what Shadow IT is, why it is an issue and how they can engage with IT to find suitable solutions to their problems. For messaging applications ensure that they understand their roles and responsibilities if using messaging applications. Educate them on the policies, guidelines and rules for using a centralized platform like LeapXPert’s FMOP and how it can help them.

If IT Departments ban employees completely from finding solutions to their day-to-day problems, they risk employees going underground. This creates an even bigger problem, or pushes employees to go somewhere that is more dangerous. Instead, IT teams need to realize that some Shadow IT may actually be a solution that employees need – particularly  in these pandemic times. However, IT Departments need visibility into employees’ issues so they can assess the risk and implement appropriate tools, technologies and controls on these services to safeguard the company, the customer and the employee. 

To find out how LeapXpert is working with customers around the world talk to one of our experts.

Read more about the importance of keeping your business out of personal messaging accounts.  

Ready to Leap your business?

    LeapXpert Insights?
    Follow us on Linkedin

    To find out what LeapXpert is doing right now, to learn about our news and plans, and to discover more information on how our FMOP can resolve your business communication problems, follow us on LinkedIn today.
    Catch up on our business news and achievements, explore and follow industry articles.
    Business messaging is a huge pain point for many organizations. At this point, putting the business messaging ‘cat’ back in the bag isn’t going to work. Customers demand the ability to communicate with companies using messengers. So what’s the solution? A Federated Messaging Orchestration Platform (FMOP).
    Read more
    Messaging apps are a preferred method of communication for clients to contact stockbrokers. However, being hit with a $5 million fine for not being able to keep client communications when using instant messaging is a hefty price to pay.
    Read more
    On Jan 22, 2020 Bloomberg announced that the use of Telegram for conducting a business deal was why the court was ruling in favor of Hyundai Motor Securities Co, costing Yuanta Securities Korea Co. ~USD $12.6 million. The Seoul Central District Court has ruled that conversations held via Telegram are not binding contracts.
    Read more
    Data ownership
    Having client poaching employees is the last thing any small business owner worries about. But just one single employee managed to cause an overnight loss of 20% in business income. Believe it or not, instant messaging can be a prime cause of client poaching.
    Read more
    Enterprise messaging is about more than just ensuring a consistent tone and message to your customers. It means giving your employees the right tools to respond quickly to customer requests. From compliance issues and loss of configuration control to reduced security and loss of business, there are many reasons why businesses need to implement a company wide separate enterprise messaging app.
    Read more
    Data ownership
    The privacy rights of employees are under threat from the most basic of workplace communications. Using supposedly safe, encrypted systems is putting personal information at risk, as there is no right to employee privacy on messengers once work topics appear. How can both employees and employers tackle this difficult issue?
    Read more