It almost never starts as a database. It starts as a spreadsheet. Someone in a team needed to track something the official systems did not handle, so they built it themselves, sensibly, locally. It worked. Other people started using it. It grew. Macros appeared. A second sheet linked to the first. And one day, without anyone deciding it, a spreadsheet on a shared drive, or a little database someone built in Access, became something the business genuinely depends on.
Nobody signed off on it as a production system, so it gets none of the things a production system gets. No backups. No access control. No recovery plan. No second person who understands it. It lives on a laptop, or a share, or under a desk, holding real, important data, one accident away from gone.
One I came across ran a critical part of a company’s scheduling. It had been built years earlier by someone who had since left. It was on a shared drive with no backup anyone could point to. The entire operation leaned on a file that, if it had been deleted or corrupted, would have taken information that existed nowhere else with it.
This is not a telling-off. People build shadow systems because the official ones did not meet a real need, and that is useful initiative, not misbehaviour. The risk is simply that something important is being run as if it were not important.
We find these, for free, read-only, when we map where your data actually lives. The conversation that follows is usually the same. Wait, the whole team uses that? And it’s backed up where?
Want to know if this is sitting in your estate? We run a read-only check and hand you a graded report in plain English.
Get your free health check