Shining a Light: Shadow IT and Data Protection in the Humanitarian Sector
Focus on new technology products must not outshine a robust analysis of the risks related to embedded, routine technology used in humanitarian workplaces. This paper profiles two common platforms (Skype and Dropbox) against a framework of data protection principles applicable to the humanitarian sector and in the context of their shadow IT – or non-IT authorized – usage. The research finds that while such technology itself may not inherently breach data protection principles, the unmanaged, shadow IT application of technology may. The paper concludes that to meet data protection obligations, the humanitarian sector must begin to proactively manage shadow IT.
Authored by Siobhán and last updated in October 2019
Focus on new technology products must not outshine a robust analysis of the risks related to embedded, routine technology used in humanitarian workplaces. This paper profiles two common platforms (Skype and Dropbox) against a framework of data protection principles applicable to the humanitarian sector and in the context of their shadow IT – or non-IT authorized – usage. The research finds that while such technology itself may not inherently breach data protection principles, the unmanaged, shadow IT application of technology may. The paper concludes that to meet data protection obligations, the humanitarian sector must begin to proactively manage shadow IT.
Authored by Siobhán and last updated in October 2019
