Given the lack of visibility and control, what does the security team do about shadow IT? Do they take extreme security measures and try to block them using legacy security tools or do they allow their use and hope users stay secure from threats and don’t leak sensitive data? This is a difficult decision and presents a catch-22 between extracting value from the cloud and being secure. Let’s take a look at the potential impact resulting from an allow or block decision.