We live in a connected world – a world in which personalization and apps are at our fingertips and where your job doesn't end the second you walk out of the door at 5:00PM. However, we often find that our companies are slower to innovate, adopt, or offer the services we are accustomed to outside of our work. We find that IT is still busy staying on top of service desk tickets, than reaching out to the business to improve productivity. As a result, the rapid development of mobility and cloud services has coined terminologies such as "Shadow IT".

Wikipedia defines Shadow IT as the following:

Shadow IT is a term often used to describe IT systems and IT solutions built and used inside organizations without explicit organizational approval. It is also used, along with the term "Stealth IT," to describe solutions specified and deployed by departments other than the IT department.

The proliferation of Shadow IT has put further strains on IT as pressure grows on preventing data leakage. However, there is hope. To aid organizations in their ability to reveal where these cloud services and applications are being utilized by their users, Microsoft Azure released the free Cloud App Discovery tool – allowing you to shine the light on Shadow IT.

What is the Cloud App Discovery and what does it do?

  • Uncover any application, site, or service your users are using that may not be known by your organization
  • See the total number of users per cloud application discovered, including amount of requests and data volume
  • Top 10 ranking of most used applications
  • Categorized applications for such things as collaboration, security, productivity, CRM, and more
  • Drill down functions to see which users are accessing which apps
  • Ability to selectively choose which categories of applications you want to retrieve data on.
  • An interactive dashboard which provides an executive summary including total number of cloud applications discovered, number of users, app usage, and more.

How do I get started?

First, you need to log into the Cloud App Discovery (https://appdiscovery.azure.com) using a Microsoft Organizational Account. This could be an account you already have through your Office 365 or Azure subscriptions. If you do not have either of those, you can setup a free 30-day trial of Azure to establish this account and continue. Then, you will need to download and install the service agent, or monitoring agent, on the PCs that you would like to analyze:

Let's breakdown the graphic above into a little more detail:

Collect data from machines and devices

Download a service agent that you must install on your user's PCs. This agent can be easily deployed through your normal GPO processes. The agent is auto-updated as Azure continues to improve on the capabilities and types of data that can be analyzed.

Microsoft Azure AD receives and analyzes data

The data from the service agent is sent to Azure and is stored within a storage account within Azure to then be analyzed. This process happens within minutes of deploying the agent.

Discover cloud services on the dashboard

As an administrator you can log into the dashboard and see the data mentioned earlier. If you already own and utilize Azure, you can even use this dashboard to connect some of the cloud applications to your Azure Active Directory for Single Sign-On. Top 10 applications discovered that can also be pivoted by:

  • Number of web requests to the application
  • Total volume of data uploaded and downloaded
  • Number of unique users
  • Usage trends over a selectable duration of time for the top 5 applications discovered

I encourage you to check out the Cloud App Discovery tool for yourself. No doubt you will be shocked at the amount of what you will uncover! However, using this tool you can begin to make informed decisions about improvements to policies and direction of services offered to your users. I challenge you though not to look at this tool as a means of determining what applications to eliminate from your users, but instead looking at it from the perspective of what your users are telling you they need in order to perform their job effectively.