Home
Culture

Meet Your New Worst Enemy - Digital Sprawl

June 10, 2025

By

Eve

X

min read

What is Digital Sprawl?

You may not have heard of the term 'digital sprawl', but chances are, you've experienced it and probably even contributed to it! When we use the term 'digital sprawl', we're referring to the unchecked growth of digital assets within an organisation, like software applications, data, and IT infrastructure.

As organisations quickly adopt new technologies to stay competitive, this has become more commonplace. Cast your mind back to 2015, a year when Jeremy Clarkson infamously punched a producer, Zayn Malik broke hearts across the world by leaving One Direction, and businesses on average had a mere 8 SaaS applications. Fast forward to today, and not only is Jeremy Clarkson now the nations favourite farmer, but the number of SaaS tools in use per business has skyrocketed to an astonishing 80. While technology has become the norm in many organisations, the decentralised management of these digital resources can lead to significant challenges in security, compliance, and operational efficiency, ultimately hindering organisations from reaching their full potential.

At Yopla, we specialise in digital transformation and help organisations manage digital sprawl effectively. In this article, we’ll explore what digital sprawl is, its implications, and share some practical tips to help you tackle it.

What is Shadow IT?

Another term you might not have heard before, which we're going to use throughout this article, is "shadow IT." Simply put, this refers to using technology systems, devices, software, applications, and services without the visibility of the person or team within the organisation who is responsible for IT.

People often turn to shadow IT to boost their productivity and find more efficient ways to get their work done. For example, someone might use a new project management tool they discovered online or store files on a personal cloud service because it’s more convenient. While these intentions are usually good, shadow IT introduces significant risks to any organisation.

Firstly, there are security risks. When the IT team doesn’t know about these unapproved tools, they can’t make sure they’re secure. This could lead to potential data breaches and cyber-attacks. Secondly, compliance issues arise. Many industries have strict rules about how data should be handled and stored. If people use unauthorised tools, the organisation might unknowingly break these rules, leading to hefty fines and legal trouble. The same compliance issues also mean that best practice, and your valuable IP, is likely being ignored. Getting everyone on the same page is key to identifying and resolving challenges and driving your organisations success.

On a practical level, when data is scattered around the organisation, it can cause confusion and make it harder to provide the best service to clients, as others might not know what’s been done or where information is stored. The more shadow tools that are in use, the more likely this is to be the case.

Causes of Digital Sprawl

Decentralised Responsibilities: A Recipe for Chaos

Imagine if, the next time you left the house, you returned to find that everyone you live with had decided to organise the kitchen entirely their own way. One person has put the pans in the fridge, another thinks plates are better kept above the oven, and the spices have been relocated to a box on the kitchen table. Sounds chaotic, doesn’t it?

Well, that’s essentially what happens with digital sprawl. Different people, departments or teams adopt their own preferred tools and methods. While this might work well for them in isolation, it creates a significant mess for the organisation as a whole. For instance, the marketing team might use one project management tool, while the administrative team relies on another. Before you know it, you have a jumble of systems that don’t integrate, with information scattered everywhere. It’s like trying to prepare dinner in that newly ‘organised’ kitchen—pretty much impossible!

Shadow IT: The Sneaky Culprit

When employees turn to unauthorised apps or services, they inadvertently sidestep the organisations oversight. And this "Shadow IT" phenomenon is more prevalent than you might think - studies show that 67% of employees at Fortune 1000 companies use unapproved SaaS applications. Without the proper checks and approvals these applications can pose significant risks - many of them may have security flaws which allow bad actors access to everything you store and use within them. Think of it like leaving your front door to your home not just unlocked, but wide open. Yes, it might seem more convenient in the short term, but it exposes the entire organisation to significant risks.

The implications of shadow IT are far-reaching, opening up a Pandora's box of security vulnerabilities and compliance challenges. Unauthorised tools often lack proper encryption, leaving sensitive data exposed to potential breaches. What's more alarming is that 69% of employees admit to knowingly bypassing cybersecurity guidance, massively compounding the problem.

The scale of this issue is overwhelming IT departments. Only 12% of surveyed IT teams feel they can keep pace with the rapid proliferation of shadow IT.

This gap between employee behaviour and IT oversight is a significant contributor to an ever-growing digital sprawl.

The Old and The New: A Complicated Relationship

Another contributor to digital sprawl is the tricky balance between legacy systems and newer technologies. Think of it like trying to get your Gran's old radio to sync with your smart speaker—both might be great on their own, but they don't exactly work well together. As technology evolves, what was once cutting-edge can quickly become outdated.

Many organisations find themselves needing to maintain older systems, either for regulatory reasons or because they remain critical for certain operations. At the same time, they must adopt new technologies to stay competitive. This creates a complex IT landscape that can be challenging to navigate and manage effectively.

Often, people try to build on top of these existing systems to improve functionality, resorting to shadow IT to compensate for the shortcomings of legacy systems. The result is a tangled web of systems and applications that are difficult to integrate and manage, exacerbating the issues of digital sprawl.

Impact of Digital Sprawl on Businesses

The implications of digital sprawl are far-reaching and can significantly impact a business's bottom line. From a financial perspective, it often leads to excessive licensing costs and underutilised software.

According to WalkMe's 2022-2023 State of Digital Adoption Report, large enterprises found that approximately 30% of their applications are either redundant or provide no clear value.

For smaller businesses, which often lack dedicated IT teams, this percentage could be even higher, potentially wasting precious resources that could be better allocated elsewhere.

Unseen Usage

The hidden world of shadow IT also rears it's head back up to pose additional challenges. Research indicates that 41% of employees use technology that IT departments cannot see, with this figure projected to rise to a staggering 75% by 2027. This unseen technology usage not only creates security vulnerabilities but also leads to inefficiencies, making it increasingly difficult for businesses to operate smoothly and safeguard their valuable data.

Inefficiencies

Operational inefficiencies frequently arise as employees toggle between different applications with 68% of us moving between 10 different applications an hour, costing up to 60 minutes per day in clicking between different software! These disparate systems often struggle to integrate seamlessly, adding to the tangled web of digital sprawl.

Security Risks

Security risks are heightened due to the increased attack surface from multiple software entry points, making it challenging to maintain consistent security protocols across all applications.

According to IBM, 40% of data breaches involve data stored across multiple environments. The scariest part? In 2024, the global average cost of a data breach has reached an all-time high of $4.88 million USD!

There's a serious issue around compliance too. Gartner predicts that by 2024, 75% of organisations will face audits for privacy laws, leading to potential fines and legal challenges .

Data Governance and Compliance

Data management issues, like data silos and inconsistencies across different systems, can really add to the challenges organisations face with digital sprawl. Imagine a company where the finance team uses one system to track payments, while the sales team relies on another. This lack of integration can lead to duplicated efforts and miscommunications. For instance, the finance team might mark a payment as complete, but the sales team remain unaware so continue to follow up with the client for payment.

Information Hunting

This situation means teams end up spending more time reconciling data instead of focusing on their core tasks, which can hurt productivity and decision-making. Studies show that employees spend an average of 12 hours a week just searching for data because of these silos, so it's no surprise that only 22% of business leaders feel their teams share data effectively, which leads to inefficiencies and increased operational costs. Plus, 76% of companies say that data silos get in the way of internal collaboration, and 74% view this as a competitive disadvantage.

Digital Knowledge and Skills Gaps

As organisations embrace new technologies to stay competitive, they often end up with a digital toolbox that's bursting at the seams. It's like giving someone a Swiss Army knife with 100 different tools—it may be impressive, but it can be overwhelming to figure out which gadget does what. This rapid adoption of diverse digital tools has created quite a challenge for team members who are expected to keep up.

Even something as straightforward as communicating with colleagues ends up being difficult. With the average person using four communication apps to stay in touch, it's no wonder employees often find themselves scratching their heads, unsure of how to use tools effectively. This leads to a lot of inefficient fumbling around, with studies showing that employees spend an average of 22 minutes a day dealing with IT-related issues—that's nearly two hours a week!

The digital landscape is always evolving, with new apps and updates popping up faster than you can say "software update." While this constant innovation is exciting, it also means that employees need ongoing training to stay up-to-date and often organisations will end up with some people trained in one tool, others in another, and no consistency across the board. This creates significant skills gaps and can lead to key person dependencies. For example, if someone responsible for a critical task is unable to come to the office one day, it’s likely that their absence could stall important projects and disrupt workflows.

Fragmentation of Workflows

Digital sprawl also leads to fragmented workflows where everyone ends up using multiple, often redundant, applications to get their work done. This kind of fragmentation can cause confusion, slow down productivity, and create bottlenecks in business processes, making it hard to get anything done smoothly.

These fragmentations impede collaboration and communication within teams. It's like trying to have a group conversation where each person is speaking a different language. When team members aren't using the same tools or platforms, sharing information becomes a challenge. This can lead to misunderstandings, missed messages, and a general sense of disconnection, which ultimately hampers teamwork and the overall flow of information within the organisation.

The inconsistency in tool usage greatly affects both the efficiency and morale of the team. When employees spend more time figuring out which tool to use for each task, they lose precious time that could be dedicated to productive work. This confusion disrupts workflows, as everyone ends up using different applications to accomplish similar tasks. Without a clear, business-wide strategy, it becomes challenging to establish standard practices, leading to misalignment and frustration.

This lack of uniformity can prevent the team from fostering shared goals and a strong sense of collaboration. When team members are not using the same tools or processes, it can create silos and feelings of isolation, making it harder to work together effectively.

Mitigation Strategies

So, we've looked at digital sprawl, shadow IT, and the problems they cause, but how can you combat these challenges effectively?

Digital Mapping

Conducting a thorough overview of your organisation is crucial to determine what’s happening across the board. This process, known as digital mapping, helps you identify where shadow IT is hiding and ensures you have a clear picture of your digital landscape. Always use an expert for this.

At Yopla, we specialise in digital mapping exercises and can guide you in the right direction to get a comprehensive overview of your digital environment.

Centralised Oversight and Knowledge Management

Establishing a governance framework is essential for effectively managing digital tools and applications, and it all starts with ensuring that every piece of software is approved and monitored by a central authority. A vital part of this framework is a centralised knowledge management system, often called a "single source of truth" or knowledge base. This system should provide easy access to training materials, best practices, and troubleshooting guides. It helps maintain consistency across the organisation and empowers employees to tackle problems on their own, which in turn lightens the load on IT support.

Research shows that nearly 70% of people believe a centralised knowledge base would enhance their workflow, and we've seen time and time again that a well-implemented knowledge base can really boost organisational efficiency by offering a simple, accessible location for all the information employees need, allowing them to work more effectively and spend less time searching for answers.

If you'd like some guidance on where to start with finding the best solution for your team, get in touch and we'll be happy to help!

Encourage a Culture of Honesty

It’s important for employees to feel comfortable admitting to using shadow IT.

Recent research found that 83% of organisations have tech being used that hasn't been authorised, so understanding why people resort to these tools can reveal gaps in your current systems or training needs.

At Yopla, we assess organisational culture and skills in a digital context to identify areas for improvement. By fostering an open environment, you can address these issues head-on and ensure your team feels supported and confident with their IT and tech tools.

Employee Training

Implement comprehensive training programs tailored to the specific needs of different teams. Encourage continuous learning and provide resources for self-paced learning. Studies show that well-trained employees are more productive and less likely to resort to shadow IT, so always ensure everyone feels empowered to request training as needed and that there is a robust training program in place for new hires.

As part of our Digital Maturity Assessments, we evaluate your current training programs and gather feedback from your team to understand their perspectives. We're always on hand to provide advice and support to enhance your training initiatives.

Conclusion

Digital sprawl presents significant challenges to modern organisations, impacting security, compliance, operational efficiency, and overall productivity. As we've discussed, the unchecked growth of digital assets and the use of unseen shadow technology creates a chaotic and risky environment for any business.

However, by understanding the causes and effects of digital sprawl, and implementing targeted mitigation strategies, organisations can regain control over their digital landscape. Digital mapping, centralised oversight, fostering a culture of honesty, and tailored employee training are all crucial steps in this process.

At Yopla, we specialise in helping businesses navigate these complexities. Our expertise in digital transformation, coupled with our comprehensive assessments and tailored solutions, ensures that your organisation can effectively manage digital sprawl. By creating a structured and secure IT environment, you can optimise your operations, safeguard your data, and empower your employees to achieve their full potential.

If you're ready to tackle digital sprawl and enhance your digital maturity, we're here to help. Contact us today to learn how we can support your journey towards a more efficient, secure, and productive digital future.

That Gut Feeling? It’s Probably Right. Let’s Talk.

Still thinking about what you just read? That’s usually a sign.

So don’t sit on it. Book a quick chat - no pressure.

We’ll help you make sense of the friction, share something genuinely useful, and maybe even turn that spark into real momentum.

No jargon. No pitch. Just clarity - and the next right move.

Related Posts

Culture

X

Min read

Thriving, Not Growing: Rethinking Business and Economic Success

Explore why moving from constant growth to a thriving business model is crucial for sustainable success. Learn how Yopla can help make this transition easier, balancing innovation, resilience, and social responsibility to benefit your organisation and the planet.

Read more

Digital Transformation

Philosophy

Finance

Rethinking Success: Why Bigger Isn’t Always Better

For decades, growth has been treated as the ultimate goal - the thing every business should chase, and every economy should deliver. But cracks are showing. Bigger is no longer always better. From stretched teams and complex systems to resource strain and environmental cost, the true price of endless expansion is becoming harder to ignore.

This article explores a different model - one where progress means clarity, not clutter. Where ambition is measured by impact, not just output. And where thriving becomes a more useful, more sustainable benchmark for success.

Culture

X

Min read

The Hidden Dangers of Using Instant Messaging Apps for Business Communication

Discover the risks of using messaging apps for business communication. Learn about security vulnerabilities, phishing threats, compliance issues, and why secure, compliant tools are essential for protecting your organisation.

Read more

Digital Transformation

Cyber Security

Organisations are always on the lookout for efficient and accessible communication tools, and due to their widespread use and user-friendly interfaces, peer to peer messaging apps like WhatsApp, Telegram, and Signal often seem like perfect choices for both internal and external communication . As most people are already familiar with these apps, they find them easy to use and comfortable for communication anytime, anywhere. However, despite their convenience, using these platforms for business purposes carries significant risks that may jeopardise security, compliance, and operational integrity.

Security Risks: Infiltration and Bad Actors

One of the primary concerns for businesses using instant messaging apps is the risk of infiltration by bad actors. Accounts are often linked to phone numbers, which can be easily obtained or spoofed. This opens the door for hackers to infiltrate group chats, posing as legitimate members. Once inside, these bad actors work to access sensitive information, introduce malware, or manipulate communications for fraudulent activities.

The end-to-end encryption that many of the platforms boast, while providing a layer of security, is not foolproof nor a defence against many attacks. If a device, user or user account is compromised, the encryption becomes irrelevant as attackers can read information directly or from the device. Businesses might not have the necessary controls to monitor and protect every device their employees use, increasing the vulnerability to such breaches. Many employees may use their personal devices for business communication, which often lack the robust security measures found in corporate-managed devices, escalating the risk of data breaches.

"Your mobile device is the Trojan horse in your pocket." – Bruce Schneier, Security Technologist and Author

Identity Verification: Who Are You Really Talking To?

Another significant risk is the difficulty in verifying the identity of the person you are communicating with. Unlike business communication systems that use domain or other user verification which are defined by policy and controlled by IT departments, instant messaging apps do not provide a robust mechanism for identity verification. This makes it challenging to ascertain whether the person or group you are communicating with is indeed who they claim to be.

Phishing attacks exploit this vulnerability. By creating fake profiles or hijacking existing accounts, attackers deceive employees into sharing confidential information or performing actions that compromise the business. The lack of a formal verification process makes such platforms an attractive target for malicious activities.

It is alarmingly simple for bad actors to steal photographs and gather personal information from social media platforms to create convincing fake profiles. By combining a stolen image with a spoofed phone number, an attacker can easily impersonate a trusted colleague, brand or contact. This impersonation can easily deceive employees into believing they are communicating with a legitimate individual, making it much easier for the attacker to extract sensitive information or distribute malicious links.

Phishing: A Growing Threat

Phishing remains a pervasive threat on all communication platforms, with attackers using phishing techniques to trick employees into clicking malicious links, downloading harmful attachments, or divulging sensitive information. These attacks can be highly sophisticated, often mimicking legitimate communications from colleagues or business partners.

Since communication sent on instant messaging apps is generally perceived as more personal and less formal than emails, employees might be less vigilant when interacting on this platform. This relaxed attitude can lead to lapses in judgement, making them more susceptible to phishing scams.

Spear Phishing, where context and tone of voice are used to defraud the victim is made easier with access to rich conversation and activity histories shared online.

Compliance and Legal Concerns: Terms of Service

Beyond security risks, there are significant legal and compliance concerns associated with using peer to peer apps for business communications. For example, according to WhatsApp's terms of service, the app is not intended for business use unless through a WhatsApp Business account. Regular accounts used for business purposes violate these terms, potentially leading to account suspension or termination. This is generally the case across all similar platforms.

Using these tools without adhering to their terms also poses compliance risks, particularly for industries with strict regulatory requirements. For instance, financial services, healthcare, and legal sectors have stringent data protection and communication archiving mandates. This twinned with the lack of formal oversight and control mechanisms on instant messaging apps makes it difficult for businesses to comply with these regulations, exposing them to legal penalties and damage to their reputation.

Data Privacy and Retention Issues

Messages sent via instant messaging apps are stored on individual devices and on the service providers servers. Businesses have limited control over how data is stored, accessed, and shared. This decentralised approach to data management increases the risk of data leaks and unauthorised access.

If your organisation need to retain communication records for auditing and legal purposes, you will find that most instant messaging apps do not provide tools to efficiently archive and retrieve messages, or identify sensitive data, making it challenging to meet legal and regulatory requirements for data retention.

When sensitive business data and conversations are conducted on personal devices, companies lose control over content and have no means of monitoring or accessing what has been discussed. This fragmentation leads to significant gaps in security and accountability, making it difficult to enforce corporate policies and ensure compliance with legal and regulatory requirements. Without centralised control and oversight, organisations are unable to maintain a cohesive record of communications, potentially leading to mismanagement, data leaks, and an inability to respond effectively to security incidents.

"Effective oversight of staff communications is crucial for maintaining security, compliance, and operational integrity." – Theresa Payton, former White House CIO

A Need for Caution

While instant messaging apps offer convenience and widespread adoption, their use for business communication comes with significant risks. Security vulnerabilities, identity verification challenges, phishing threats, and compliance issues mean they should be carefully considered, and subject to clear policy guidance. Businesses should consider more secure and compliant communication tools designed specifically for corporate use. These tools offer better control, monitoring, and security features, ensuring that business communications remain protected and compliant with relevant regulations.

It's important that whatever your policy, the tools you use reflect those priorities and any gaps in enforcement can be easily identified and mitigated.

In summary, while instant messaging apps can be handy tools for informal and personal communication, businesses must exercise caution and should seek alternative solutions that prioritise security, compliance, and data integrity. By doing so, they will protect their operations, reputation, and bottom line from the myriad risks associated with using instant messaging apps for business purposes.

If you'd like to talk to us about how digital transformation can help your organisation discover better ways to communicate, book a meeting by clicking here!

References

Star fund manager Nick Train impersonated in WhatsApp scam | MoneyWeek

13 WhatsApp scams to know and avoid in 2024 - Norton

'I had £3,000 stolen via WhatsApp job scam message' - BBC News

Behind the global scam worth an estimated €100m targeting WhatsApp users with fake job offers | Euronews

Whatsapp users issued urgent warning over scam message they need to delete | The Independent

Culture

X

Min read

It Takes A Whole Team to Digitally Transform

Any successful digital transformation needs great leadership at it's helm, but never underestimate the power of teamwork and the difference it can make. In this article we look at why it's so important to get your team onboard with digital changes, and how to actually do it!

Read more

Digital Transformation

Staff Engagement

“Some people don’t like change, but you need to embrace change if the alternative is a disaster.” - Elon Musk

If you're a leader in today's fast-paced and ever-changing world, you're probably already well aware that digital transformation is not only inevitable, but essential for staying ahead of your competition. It's all well and good making the very best strategic decisions at board level, but how do you make sure that your team is on the same page and ready to embrace new technologies and processes?

Well, very simply ... you include them.

But, I've made my decisions already. Why do I need my team onside?

Nothing kills motivation faster than feeling left out or ignored, so letting your team know what's going on and keeping them up to speed, boosts morale and engagement. When you involve your team in digital changes, you show them that you value their input and trust their abilities, giving them a sense of ownership and responsibility for the outcomes. They'll be more engaged, enthusiastic and inclined to willingly participate in getting the new show on the road.

“It’s no longer the big beating the small, but the fast beating the slow.” - Eric Pearson, CIO, International Hotel Group (IHG)

Communication and collaboration are key to any digital transformation given the process will almost always require new ways of working and interacting with each other. Including your team in digital changes fosters a culture of openness and transparency where sharing ideas, feedback, and concerns is encouraged. Not only does this prevent misunderstandings, conflicts and silos, but ultimately it creates a more cohesive, productive team who are all working towards the same goal.

“Automation applied to an inefficient operation will magnify the inefficiency.” - Bill Gates, Microsoft

Digital transformation is an excellent opportunity to enhance learning and innovation across an entire organisation. By including the whole team you're exposing them to new skills, knowledge, and perspectives and challenging them to think creatively to solve problems in different ways. In developing capabilities and building confidence, innovation and improvement inevitably trickle through into every part of the business.

OK, so I understand why I need by team onside, but how to do I get them there?

Start by communicating the vision and the benefits that digital changes will bring to the whole organisation and make sure that your team understands the purpose and the goals behind them. Explain how the changes will benefit them, your clients, and make day to day operations more efficient. Remember that up to this point they may not have been included in discussions, so be conscious that jargon and technical terms may only serve to cause confusion and disruption; try and use clear and simple language which concisely explains what you’re aiming for.

“We talk about automating operations, about people, and about new business models. Wrapped inside those topics are data analytics, technologies, and software – all of which are enablers, not drivers. At the centre of it all, are leadership and culture. Understanding what digital means to your company – whether you are financial, agricultural, pharmaceutical, or retain institution – is essential.” – Jim Swanson, CIO, Bayer Corp.

Don't just tell your team what to do and don’t expect them to adapt to changes overnight! Be sure that you have organised adequate training and coaching on how to use the new technologies and processes and provide ongoing support and guidance throughout the transition period. Invite them to share their opinions, suggestions, and questions, and listen to their concerns!

“Culture eats strategy for breakfast.” – Peter Drucker, Management Consultant

Yes, it’s their job, but don’t take your team's participation for granted … if they’re not happy it will inevitably affect performance and lead to disruption across the board. In acknowledging and appreciating efforts you increase motivation and satisfaction, which not only makes the transition smoother and faster, but also creates a happier and more successful team.

At Yopla digital transformation is our passion, but we know that it’s not always the easiest to get buy in from the people who will be affected on a daily basis by digital changes. That’s why we work alongside organisations to implement strategies in a way that is best for them, fully aware that every team is different. We make sure you have everything in place to get your transformation underway quickly, but most importantly, effectively. We’re always here to offer advice and answer any questions you may have, so whether you’re thinking about digital transformation, in the midst of it, or just want to check you’re still leading in your field, don’t hesitate to get in touch!