The Rise of Shadow Apps: How Rogue Spreadsheets Are Undermining Your Business

Expert reveals “the reason why shadow apps are multiplying rapidly is because it’s often faster to fix workflow issues that slow down employees by building a spreadsheet, compared to waiting for IT to procure or build a solution”.
Expert explores the need for a scalable and innovative solution that also addresses the needs of the employees.
Dewhurst warns that if these software tools continue to be mismanaged, they could cause errors and data loss and ultimately threaten to destroy the data integrity of businesses.

Below, Sebastian Dewhurst, Founder and General Manager of EASA, shares his thoughts on how Excel-based shadow apps can potentially damage businesses from the inside and how this risk can be mitigated by integrating Excel models into secure web apps, accessed via an enterprise-friendly platform.

“In a digital landscape that is constantly evolving, businesses are becoming more and more self-sufficient; for example, it’s possible for non-programmers to leverage AI to create apps that would have required coders just a few years ago. However, one of the downsides to this philosophy of self-sufficiency is a threat that hides behind the surface of many organizations; shadow apps. According to Security Boulevard*, a staggering 94% of marketing SaaS apps are unmanaged, which represents the highest amount of shadow IT in any department. While this may be born from a desire to adapt quickly and innovate more creatively, all this is doing is creating an IT environment that is unsustainable and risky.”

What Are Shadow Apps?

“Shadow apps are software tools that are often built or used by employees for specific problems without being approved officially. These can vary from Excel spreadsheets and automated Google Forms to complex workflows that are built on platforms such as Airtable and Notion.

The reason why shadow apps are multiplying rapidly is because it’s often faster to fix workflow issues that slow down employees by building a spreadsheet, compared to waiting for IT to procure or build a solution. In most cases, these shadow apps are not seen as malicious; after all the reason employees build them is the need to improve productivity and efficiency. But over time, the cumulative effect of using these unapproved software tools can become a large issue as they are not only unapproved, but are invisible to IT and cybersecurity teams, and are not secure once deployed to the organisation.”

The Hidden Risks

“Despite the fact that shadow apps often successfully fill a specific need and have the advantage of being highly flexible, , the rapid increase in the usage of shadow apps can lead to a number of risks. Firstly, shadow apps are often built without appropriate security protocols, encryption or access controls and sensitive data can be stored in unsecured spreadsheets. As a result, this can open the door to potential data breaches and expose businesses to legal repercussions from laws like GDPR and HIPAA. Without someone to coordinate the application of these tools, different teams may reinvent the wheel, creating multiple tools that do essentially the same thing in different ways. This leads to inefficiency, inconsistencies in data analysis, and a lack of standardization between departments.

The fundamental problem that comes with using these apps is their lack of visibility to IT and C-suite executives and leaders. Because leaders aren’t aware of their existence, IT can’t provide the necessary support, nor implement software updates and conduct security audits that are crucial in today’s environment.”

The Need for a Scalable, Approved Solution

“Despite the risks that come with spreadsheet shadow apps, the solution is counter-intuitive: don’t stop using Excel completely and shut down employee-led innovation; instead, channel that innovation into finding scalable solutions that are also secure. It’s important to find modern platforms that exist that offer the middle ground and give employees the power to build and use tools that solve their problems, while giving IT the scalability, governance and visibility needed to make sure that these tools are secure. In short, we want to make Excel behave like an enterprise app.

There are now platforms which offer a structured pathway for citizen development, allowing business users to apply their domain expertise in Excel while meeting IT standards. This approach reinforces the idea that the ability to foster innovation and maintain a secure, well-governed IT environment at the same time is more than possible, it just requires the right structure and framework to use it safely.”

Bringing Shadow Apps Into The Light

“The rapid usage and development of shadow apps remains a constant challenge for businesses in 2025. Although there is no malicious intent behind its use, these insecure tools have introduced a plethora of risks related to data security, data integrity, compliance and many more. It’s time for businesses to actively address this growing issue.

They can start by implementing an internal audit to identify what shadow apps are currently in use and starting a dialogue between IT and other departments to understand their needs and what they’re having trouble with. By selecting platforms that create a pathway for governed citizen development, businesses can empower their employees while delivering sustainable, secure and scalable tools for future use.”