Shadow IT refers to any IT resource-hardware, software, or service-adopted without the knowledge or approval of the organization's IT department. This includes cloud or SaaS platforms obtained directly from external service providers. Because these resources bypass normal vetting, they may introduce compliance gaps, data-handling risks, and visibility issues. The correct statement reflects this characteristic, whereas the distractors either limit shadow IT to hardware, describe it as always malicious, or claim it is automatically protected by enterprise security tools.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why does shadow IT pose a risk to organizations?
Open an interactive chat with Bash
What is a SaaS platform in the context of shadow IT?
Open an interactive chat with Bash
How can organizations identify shadow IT within their network?