Cisco released new data that shows some companies may not know the extent of their employees’ usage of external cloud computing services, instead of the employer’s in-house cloud services. The practice of using systems inside organizations without approval is called “Shadow IT.” According to Cisco, there is 70 percent more Shadow IT activity than there was six months ago. Cisco gathered the data by surveying CIOs and running software that could track cloud activity. Unauthorized cloud usage could pose serious security threats.

The data was part of promotional materials for Cisco’s new service that helps companies monitor cloud usage. Cisco found that CIOs often underestimate how many cloud services their companies are using because they are unaware of employees’ unauthorized cloud usage.

While CIOs estimate that their organizations use 91 cloud computing services, Cisco’s tracking software says that the average is actually closer to 1,120 services.

The rise in Shadow IT could be due to the convenience of it. There’s a wide variety of cloud computing services, from Dropbox to SurveyMonkey, and many of these service are free for individual users. Instead of waiting for the IT department to arrange for server space, an employer could simply use a credit card to get access to Amazon’s Web Services or Microsoft’s Azure services in minutes.

The drawbacks include potential security risks involving customer data, violations of company or government policies, and missed opportunities for corporate discounts on cloud computing services or simply overspending on cloud services that the employer already provides.

Some analysts say that Cisco’s data seems exaggerated and Shadow IT is not as big of a concern as Cisco makes it out to be. Andras Cser of Forrester Research told The Wall Street Journal that probably only 30 to 40 percent of cloud computing activity was unsanctioned and Cisco’s data only represents large U.S. companies.