As organizations try to increase their velocity and agility, there’s a widening gap between the IT department and the provisioning of new services. This can lead to serious security risks and operational inefficiency. But if we really want to tackle shadow IT, we have to get to the root of the problem. Why are people bypassing the IT department or failing to ask management for permission? What can we do about it?