Swif's Shadow IT features help you see which applications are in use across your organization, decide which are allowed, and quickly act on risky apps.
This release introduces a complete status framework and dedicated tabs for each key category:
All Apps (framework + User View)
Approved apps (Fully Approved & Individually Approved)
Unmanaged apps
Needs Review apps
Prohibited apps
Together, these updates make it easier to:
Classify every discovered app with a clear status.
Review new or unclassified apps.
Keep risky apps blocked for all users and devices.
Filter and act on apps by category with consistent UI.
1. Shadow IT status model & All Apps view
Status model
Each app in Shadow IT can be assigned one of several statuses. These are shown as badges in the apps table and used for filtering:
Fully Approved – Approved for all employees (usage) and all devices (installs).
Individually Approved – Approved only for specific employees and/or devices.
Needs Review – Newly discovered or unclassified apps that require IT review.
Unmanaged – Not formally approved or managed by IT, but still allowed to function normally.
Prohibited – Blocklisted for all users (usage, domain) and devices (installs).
Archived – A separate application lifecycle flag (Active/Archived), used in some tab filters for historical apps.
These statuses are shared across all Shadow IT tabs and power the Status badges and filters everywhere.
All Apps tab
The All Apps tab provides a single, unified view of every discovered application.
Key behaviors:
Shows all app categories in one table.
Includes a Status column with the statuses above.
Adds a Set status action so you can update an app’s Shadow IT status directly.
Includes a Status filter to narrow down the list to:
Fully Approved
Individually Approved
Needs Review
Unmanaged
Prohibited
This view is ideal for:
Getting a global snapshot of your app landscape.
Running periodic audits across all Shadow IT statuses.
Quickly spotting apps that still Need Review or are Unmanaged.
User View toggle
Shadow IT supports two perspectives:
App View – Each row is an application.
User View – Each row is a user, with associated apps.
When you switch to User View:
The app‑category header tabs (Approved, Needs Review, etc.) are hidden to keep the layout focused on people.
You can see which apps each user is using, along with the app’s Shadow IT status.
This is especially useful for:
Reviewing one user’s or one team’s environment.
Following up with specific employees about new or unapproved apps.
2. Approved apps: Fully Approved & Individually Approved
The Approved tab is for apps that your organization has explicitly decided to allow.
Approved tab overview
The Approved tab:
Shows apps that are Fully Approved or Individually Approved.
Displays a Status badge (e.g., Fully Approved, Individually Approved).
Provides a Status filter with:
Fully Approved
Individually Approved
Archived
Fully Approved
Fully Approved apps are allowed for everyone:
Approved for all employees (usage) and all devices (installs).
The app’s status badge changes from “Active” (or equivalent) to Fully Approved.
In the row’s action menu you can:
Set Status
Edit
Invite Employees
Revoke All
Manage Blocklist
Download Report
Archive Application
Use this when an app is standard and sanctioned across your entire organization.
Individually Approved
Individually Approved apps are allowed only for specific people or devices:
Approved for selected employees and/or specific devices.
Any new usage or install outside this approved list:
Does not move the app back to Needs Review.
Is surfaced in the Shadow IT report and via a dedicated badge.
Key behaviors:
When unapproved user access or device installs are detected:
A badge appears in the Status column.
The app is automatically moved to the top of the list for visibility.
The Device groups tab in the app details is hidden for Individually Approved apps, since approvals are at the employee/device level.
Admins can either:
Blocklist the new usage, or
Add the user/device to the individually approved list (via the action menu).
Action menu items include:
Set Status
Edit
Invite Employees
Revoke All
Manage Blocklist
Download Report
Archive Application
There is also a Restore to Needs Review flow, allowing you to move an Approved app back into the Needs Review category if you want to reassess it.
3. Unmanaged apps
The Unmanaged tab is for apps that are in use, but not yet under formal IT control.
What “Unmanaged” means
An Unmanaged app:
Is not approved or managed by IT.
Continues to function normally for users.
Is clearly marked with an Unmanaged status badge.
Use this category for apps you are aware of but haven’t yet decided to approve, restrict, or prohibit.
Unmanaged tab features
The Unmanaged tab provides:
A Status badge showing Unmanaged.
A streamlined action menu with a Set Status entry so you can quickly move an app to another status (e.g., Needs Review, Approved, or Prohibited depending on your flow).
A simplified Status filter:
Unmanaged
Archived
This makes it easy to:
See all apps that are currently outside IT governance.
Decide which Unmanaged apps should be promoted to Approved or moved into Needs Review or Prohibited.
4. Needs Review apps
The Needs Review tab is your primary queue for assessing new and unclassified apps.
What lands in Needs Review
Newly discovered or unclassified apps automatically appear with a Needs Review status.
This ensures every new app goes through an explicit IT assessment.
Needs Review tab features
The Needs Review tab includes several UI enhancements tailored for triage:
A dedicated “Discovered At” column, unique to this table, that shows when the app was first detected.
A prominent “Set status” button in each row, so you can act quickly without opening the action menu.
An action menu that also includes Set Status, plus any standard actions relevant to the app.
Status filter options:
Needs Review
Archived
Approving from Needs Review
From the Needs Review tab, you can:
Approve app (Fully Approved)
Mark the app as Fully Approved for all employees and devices.
Approve app for individuals (Individually Approved)
Employees: choose which employees are allowed to use the app.
Devices: choose which devices are allowed to install the app.
Once you set the status:
The app moves from Needs Review to either Fully Approved or Individually Approved.
The Needs Review table continues to track any new apps discovered over time.
5. Prohibited apps
The Prohibited tab is for apps that are fully blocklisted and not allowed in your environment.
What “Prohibited” means
A Prohibited app:
Is blocklisted for all users and all devices.
May be blocked at multiple layers (usage, domains, app installs), following your consolidated blocking configuration.
Is clearly indicated with a Prohibited status badge.
Prohibited tab features
The Prohibited tab introduces:
A dedicated “Prohibited On” column, showing when the app was prohibited.
A one‑trigger CTA to block the app using the consolidated blocking flow (per your internal workflow based on ST‑5778), without exposing the full workflow UI to the user in this tab.
An action menu with:
Set Status
Edit
Download Report
Archive Application
Status filter options:
Prohibited
Archived
Disabled actions with tooltips
When an app is fully Prohibited:
Certain action buttons are disabled to reflect that no further usage is allowed.
Tooltips explain why actions are disabled (for example, the app is fully prohibited for all users, devices, and device groups).
This helps admins and stakeholders quickly understand that the app is not allowed and what controls are currently in place.
6. Summary of category tabs and filters
Tab | Primary purpose | Statuses shown / filters | Special columns | Key CTAs / behaviors |
All Apps | Global view of all discovered apps | Fully Approved, Individually Approved, Needs Review, Unmanaged, Prohibited | – | Unified status badges, Set Status, User View toggle |
Approved | Apps formally approved (full or individual) | Fully Approved, Individually Approved, Archived | – | Rich action menus; Individually Approved toasts; move to top when unapproved usage |
Unmanaged | Apps in use but not under IT management | Unmanaged, Archived | – | Simple Set Status action; Unmanaged status badge |
Needs Review | Triage queue for new/unclassified apps | Needs Review, Archived | Discovered At | Prominent Set Status button; flows to Fully Approved or Individually Approved |
Prohibited | Fully blocklisted, high‑risk apps | Prohibited, Archived | Prohibited On | One‑trigger block CTA; disabled actions with tooltips |
When to use each status
Needs Review – First stop for any new or unknown app.
Fully Approved – Standard business apps allowed for everyone.
Individually Approved – Exceptions or sensitive apps restricted to a subset of users/devices.
Unmanaged – Apps known to be in use but not yet under policy.
Prohibited – Apps that must be completely blocked due to risk, policy, or compliance.