The job of the IT administrator is usually challenging, and often thankless. The larger an organization gets, the more siloed its various teams tend to be. Administrator team sizes are relatively small compared to the number of users they manage, so admins need to spend huge swaths of time chasing down users and products they’ve created outside of those approved by IT. What if there was an easier way to discover the true footprint of your organization’s cloud products and make an informed decision about how to monitor everything?

In our discussions with admins who manage many users and types of products, we learned they struggled to stay up to date on the footprint of the Atlassian cloud products their users access to do their jobs. These discoveries were often accidental, and tracking everything was time-consuming. Admins want to empower their users to innovate and be productive, without putting the company’s data at risk. Gaining visibility into shadow IT can spark conversation between admins and their managed users so they can work toward the perfect balance of securing company data and keeping up innovative momentum. That’s where automatic product discovery comes in.

Unmonitored product growth is scary for admins

Make the most of shadow IT: balancing rules and culture

First, some context. It’s a fact of IT administration that a typical organization’s users can use their work email accounts to create cloud products, without needing to request them through IT. For users, this ease of creation is great, especially since they can get up and running on cloud much faster. But for admins, especially at medium and large enterprises where the rate of runaway product creation can increase exponentially, this can be scary. Product creation and usage administered outside of an organization’s IT department, also known as shadow IT, can lead to:

  1. Unexpected costs: Admins may see a surprise bill increase for cloud products where users can create their own instances. This can make annual budgeting unpredictable. It can also result in duplicate license costs if the IT team has purchased and provisioned a cloud product for the company, but users created and paid for their own cloud product instances of the same type – often not realizing IT has already set one up for employees to use.
  2. Security and compliance concerns: Admins have no visibility or control over what users do in their own instances, which may include putting sensitive data into products when users are logged in with their work accounts.
  3. Operational complexity: Admins have to spend time chasing down users who created product instances outside of IT. And then, attempt to consolidate to fewer product instances to manage products more easily or cost-effectively, or deactivate those that are no longer active. This is precious time that they could spend on the many other tasks of running a large organization!

When you don’t know what you don’t know

Modern shadow IT demands visibility, not control

According to McAfee, 40% of IT spending in an organization happens outside of IT. In fact, around 80% of a company’s employees admit to using SaaS apps that aren’t managed by the IT team.

Many administrators may not realize that some parts of their organizations are already on Atlassian cloud. While they don’t deny the conceptual existence or the possibility of shadow IT, the vast majority of the enterprise admins we spoke with didn’t have a confident grasp on the full extent of their organization’s Atlassian cloud footprint and the inherent risks that arise when employees use those products.

We knew we had to help get admins out of the “we don’t know what we don’t know” stage and gradually move toward understanding the organization-wide picture of their users’ Atlassian cloud footprint – and acknowledging there may be many more cloud products in the organization than they previously realized.

Driving innovation and productivity, safely

Looking at shadow IT through a new lens

Organization admins don’t want to be the bad cops. As our own Atlassian IT team described in this webinar and in this blog, admins want to enable innovation at their companies, where users can discover and use productivity tools – as long as they can do so safely, without putting the company’s data and reputation at risk.

Importantly, product growth led by users and admin empowerment through tools to manage them safely are not mutually exclusive goals. Admins have more important things to do than micromanaging every single activity by their users! However, dealing with escalations and justifying large bill increases to the CIO are time-consuming (and unpleasant!) activities. The more admins know about their environment and where the risks are, the better positioned they are to manage their growing environments without incident. Within this admin-controlled environment, users can be free to grow applications as their business needs require.

Most of our shadow IT exists because our users don’t know that we exist to set up these products for them. We would like to be notified when someone creates an instance.

Organization admin at a financial company with 1,600 users

Enter automatic product discovery: Uncover the true footprint of Atlassian cloud products

Automatic product discovery empowers organization administrators to discover user-created product instances of Jira Software, Confluence, Jira Service Management, and Jira Work Management. The Atlassian Guard feature enables admins to discover the product instances managed users created, the date of creation, how many total users have joined those products, and perhaps most importantly, which users administer those products so organization admins on the IT team can reach out to them and discuss next steps to manage them securely.

The discoverability of products is available for all organizations with at least one verified domain. This includes receiving email notifications leading to a Discovered products page in which shows the cumulative total of shadow IT instances in their organization.

With Atlassian Guard, organization admins will see more details about the shadow IT product instances, including the number of users who have access to the product instance and the users who administer them. From the Discovered products page in, it takes just a couple of clicks to get in contact with their administrators to align on the most appropriate next steps for the product instance.

Learn more about Atlassian Guard or sign up for your 30-day free trial.

How Atlassian helps manage shadow IT with automatic product discovery