Shadow IT: the server under the desk
I had just left university and started my first job in the industry when an emergency called my senior colleague, Sven, and me to Basel. We were there to meet with big pharma, of course. On the way to the train station, I picked up the O’Reilly Samba book, hoping it would help me cope with my impostor syndrome. I felt like Robin following Batman on a dangerous mission.
When we arrived in Basel, we entered a room filled with an impressive gathering of middle management. We were seated behind large name tags that introduced us as experts from „Samba Switzerland,” which made my impostor syndrome flare up again. The adrenaline level in the room made it clear that even a brief explanation of open-source licences, volunteer-driven development, and the relationship between the Samba team and the „evil empire” (this happened in 2003) was not welcome.
The company had a beautiful file server with an elaborate access control system. It was so complicated that nobody used it for their research. However, they also had a Samba server under one of their admins’ desks, and that server sported 5,000 users across various medical research collaborations around the globe. This must have felt like a godsend shortcut for getting work done.
Unfortunately, that server had started to segfault lately, and — this is where the adrenaline came from — if the FDA learned about the unofficial nature of the popular server and its recent hiccups, there was a non-zero chance that an application for a multibillion-dollar drug would be dismissed since the integrity of the research could no longer be proven. That sounded exaggerated, but what did I know about the FDA?
My colleague sprang into action and fixed the problem without blinking. I seem to remember him recompiling Samba on AIX and installing it in parallel to the existing server daemon. Afterwards, we switched the thousands of users over to the new daemon before taking down the old, segfaulting instance for good. Soon enough, Batman and Robin from Samba Switzerland emerged from the shadows to applause of the middle management.
The many facets of shadow IT
It took me years to realise that I had witnessed a classic case of Shadow IT in all its facets:
- An overly complex setup that nobody uses.
- A handy alternative that people set up to get work done.
- That unofficial shadow server develops into a mess since nobody has the time to maintain it properly.
- Middle management panicking when they realise the danger of the situation and the risk of upper management learning about the problem.
- And the opportunity for consultants to make good money as an emergency support team with impressive name tags.
I am sure these meetings continue to happen around the world to this day.
Since most Samba servers have long been retired, these meetings must now focus on local Shadow Moltbot Clawdbot OpenClaw installations and other modern software that is a much bigger threat to an enterprise than a file server has ever been – well thinking of it, there is a story about another file server that springs to mind. But that’s for some other time.
When corporate policies stand in the way and people are committed to getting their work done, shadow IT plays an important role in delivering results. However, shadow IT also poses significant risks to security and compliance. Combine these risks with the rapid development of agency in modern AI systems, and it’s clear why the risk — and perhaps the productivity — is growing exponentially before our eyes.
This is why „Shadow IT” in all its many aspects is the focus topic for Swiss Cyber Storm 2026 on October 20 in Bern, Switzerland.
