What is an example of Shadow IT?

Shadow IT refers to the use of technology or systems within an organization that have not been officially approved or monitored by the IT department. Utilizing personal email for work-related communication is a clear example of Shadow IT because employees are using a service that is not sanctioned by the organization’s IT policies. This practice can create security risks, such as data breaches and unauthorized access to sensitive information, since personal email services may lack the security measures put in place by the organization.

The other choices describe actions that align with company policies or approved resources. Using a company-sanctioned cloud storage service and implementing security measures prescribed by IT both fall within the authorized use of technology, ensuring that data is managed securely. Sharing documents via the corporate server is also a practice that keeps data within the controlled environment of the organization, minimizing risks associated with data leakage or exposure.