It might not be malicious - but it may be costing you.
Naked Security explains:
Organisations can have all the security they want in place – but employees have a knack of circumventing it, sometimes without knowing they’re doing anything wrong. It’s a process called “shadow IT”, in which someone uses their own preferred technology rather than the technology chosen and sanctioned by the IT department.
This is the result of a number of things. The current generation of workers has an unprecedented knowledge and resources when it comes to technology, so if your file transfer system feels slow then “I’ll just DropBox this to you when I get home” or “let’s share this through Google Drive” is easy to do.
Nobody is saying there is anything wrong with either of the services named above. The issue is that if your corporate governance says you use your preferred, tested technologies and your colleagues instead do something else entirely, you’re losing control and you can’t be sure they’re not using something insecure.