IT managers are unaware of the level of shadow IT running in the business, the Cloud Security Alliance has warned.
In a survey of 200 IT managers, nearly 72% admitted they did not know the number of shadow IT applications being used in their organisation.
The study found that 57% of IT managers said they received between one and 10 new cloud service requests each month.
Almost two-thirds of the IT managers surveyed admitted they did not block cloud services. But storage and social networking sites were the main cloud services IT managers did block.
Jim Reavis, CEO of the CSA, said: "As companies move data to the cloud, they are looking to put in place policies and processes so that employees can take advantage of cloud services that drive business growth without compromising the security, compliance and governance of corporate data."
More articles on shadow IT
The survey also found that in 61% of companies, decisions concerning the security of data in the cloud is a boardroom issue.
While security of data remains a top barrier to cloud adoption, 74% of organisations said they were moving forward in adopting cloud services.
The study found that companies with more than 5,000 employees are more likely to have a cloud governance committee (35%, versus 12% in smaller organisations). Larger companies are also more likely to have a policy on acceptable cloud usage (61%, versus 45%), and have a security awareness training programme (26%, versus 20%), compared with companies with fewer than 5,000 employees.
But larger businesses spend less as a proportion of their annual IT budget on cloud services, compared with smaller companies. Only 36% of larger businesses were found to spend more than a fifth of the IT budget on cloud services, compared with almost half of companies with fewer than 5,000 employees.
Rajiv Gupta, CEO of Skyhigh Networks, which sponsored the study, said: "Companies are aware of the consumerisation of IT but have room to more proactively address the security concerns of cloud adoption."
IT managers are unaware of the amount of shadow IT applications running in the business, the Cloud Security Alliance has warned