Case Study: Malus Analytics International


The present paper provides a brief analysis of the business problem that Malus Analytics International (MAI) is experiencing in its Information Technology department that is affecting its overall company operations. The business is undergoing a developmental issue on Shadow IT. Shadow IT is an application and transmission of information (data) without the knowledge of the IT department or organizational policy approval and is relied upon for business endeavors (Gill, 2011). Shadow IT are often in use due to the numerous advantages in infrastructural and data management challenges its counters. However, there are overwhelming issues that surround the use of Shadow IT which MAI faces rendering its profitability in jeopardy.

Business Problem: Shadow IT

Shadow IT has brought on numerous issues that place MAI’s operational capacities and objectives to its customers in peril. Among the problems include cybersecurity breaches, non-compliance with regulatory policies within the organization and duplication of applications by employers (Berry, 2018). Besides, aspects of lack of IT departmental help, desk support and no-code user-built application have been noted to undermine institutional standards (Magunduni, 2018). Shadow IT moreover, has been associated with inefficiency in IT functionalism which in turn affects the budgetary allocations and overall the company’s balance sheets. It is noted that with Shadow IT the main issue is that it is inefficient (Watkins, 2011). MAI has in the past, allowed its employees to use personal devices to access cloud computing services from software to infrastructure. The defect to this freedom is that most of the operations on client-end is disrupted and as a result, customers complain about inefficiencies.

As a result, there has been an increased concern from customers who have reduced their trust in the business (Sillic, 2014). End-users are complaining that centralized business support is no longer offering the promised service goals. This is frustrating the access to cloud computing, for instance, by the consumers (Carolyn, Vella & McGonagle, 1987). The threat is that the business’ cloud infrastructure and software, as well as a platform, is exposed to a lot of viruses, and Trojans both from the employees who use personal devices and the customers who access the cloud services on public domains. Therefore, this has frustrated the access time which is considered to be slow and old-fashioned.

Impacts of Shadow IT

The significant impact of Shadow IT is the increasing hidden costs that cripple the profitability of the business (Aviani, 2018). According to the meeting minutes presented in the report, the Chief Information Technology Officer indicated that the Shadow IT consumes a lot of hidden capital investment from the business.

Additionally, Shadow IT in MAI is associated with inefficiencies. Inefficiencies, in this case, mean that the innovation presents a barrier to the establishment of useful and productive work both from the employee end and the customer-end (Gherardi et al., 2016). Based on the report provided by MAI, customers are complaining that access to the cloud computing services are becoming more and more frustrating and this is affecting businesses from the customer-end.

Also, there is a high risk of data loss and leakage. The reasoning behind this is that Shadow IT allows employees and end-users to access the cloud computing services using personal devices and access through public and open domains (Walterbusch, Fietz & Teuteberg, 2017). The disadvantage of this is that viruses are prone and can affect the services. Some of the viruses are malicious and can lead to data loss and leakage (Mallmann, Macada & Oliviera, 2018). This is due to the failure of the Shadow IT to have an existing security back-up that is incentivized by the IT department and privacy limitation policies.

Contributors to Shadow IT

The contributors to Shadow IT based on the MAI case study is from a two-prong phenomenon: clients and employees. In MAI, some employees have adopted the concept of ‘bring-your-device- ‘which is used to access the cloud computing services for the clients (McDonald, 2014). In most cases, Shadow IT is influenced by the viruses and the malware that exist in the devices. The contribution intends to bring in any functionalities that are not credited by the issues that are not identified under the main central IT.

Another contributor is the client. Clients are prone to access cloud services under public domains. Public domains are attractive to hackers and viruses from which the client device can be used as the transit and primary tool for the viruses and entry for the hackers. Public domains are not secure compared to private IP addresses.


Shadow IT should not be taken as a threat but an opportunity. MAI should focus on investing in Shadow IT and cover it through security, governance, and advice as critical priorities.  This requires the need to nurture the technology used in the organization by empowering the IT department to embrace it. Since clients and employees use it to bypass the normal process, this means it is in constant use. As such, MAI should invest in policies that transform the use of the Shadow IT for good.


Shadow IT is not necessarily a threat but, an opportunity. MAI should encompass its capital investment and IT department to focus on how to improve infrastructural efficiencies based on technology use. The present paper has presented a succinct description of the business problem that MAI faces and what impact it has on its operations. Also, the paper has produced a recommendation of how MAI should invest in the technology to improve on service production.





Aviani, J.(2018, July 12). Why Shadow IT Exists, and How to Eliminate It.
Retrieved from M., Vella, J., Berry, J. (2018, June 28). Shadow IT reconsidered: The case for losing control. 5-

McGonagle, Jr., (1987). Shadowing markets: A new competitive intelligence technique”. Retrieved from

Gill, R. (2011). The shadow in organizational ethnography: moving beyond shadowing to spect‐acting. Retrieved from

Gherardi, S., Jensen, K., Nerland, M., (2016, October 16). Shadow organizing: a metaphor to explore organizing as intra-relating. Retrieved from

Magunduni, J., Chigona, W., (2018, May 31). Revisiting shadow IT research. Retrieved from

Mallmann, G., Maçada, A., Oliveira, M., (2018 March 21). The influence of shadow IT usage on knowledge sharing: An exploratory study with IT users. Retrieved from

McDonald, S., Simpson, B., (2014).Shadowing research in organizations: the methodological debates. Retrieved from

Silic, M., Back, A.(2014, September). Shadow IT – A view from behind the curtain. Retrieved from

Walterbusch, M., Fietz, A., & Teuteberg, F. (2017). Missing cloud security awareness: investigating risk exposure in shadow IT. Journal of Enterprise Information Management30(4), 644-665. Retrieved from

Watkins, P. (2011). Shadow banking: accounting for Canada’s productivity gap. International Journal of Productivity and Performance Management60(8), 857-864. Retrieved from