Another interesting approach I learned from the Director of IT at Intercom (Emanuele Sparvoli): They pay for a single seat in each of the typical "Shadow IT" SaaS apps. Then they block within the SaaS app the ability to sign up with email/password coming from their domain.
It's pretty drastic since you literally pay for a seat in a tool you don't want to use. But it stops anybody from quickly signing up and instead will guide them to the IT team. They then have the chance to explain what the official alternatives are.
What's important is that the employee's understand the reason why certain apps are not allowed - whether that's cost, security or something else.
It's pretty drastic since you literally pay for a seat in a tool you don't want to use. But it stops anybody from quickly signing up and instead will guide them to the IT team. They then have the chance to explain what the official alternatives are.
What's important is that the employee's understand the reason why certain apps are not allowed - whether that's cost, security or something else.