As a cloud security architect, you are tasked with designing a strategy to mitigate the risks associated with the unauthorized use of cloud services within your organization. This phenomenon, often referred to as "shadow IT," can lead to data breaches and non-compliance with regulatory standards. Which strategy would be most effective in addressing the root causes and reducing the occurrence of shadow IT?