![]() ![]() According to Gartner, 30-40% of IT spending is on shadow IT. 3. Increased costsĮmployees often misunderstand shadow IT as a means to save costs, while in fact, it does the opposite. This is because shadow IT hasn't been through the organization's penetration testing, sandbox testing, vulnerability assessments, or security tests that approved devices and apps typically go through. Shadow IT further compounds this problem by increasing the attack surface, and worse, the IT and SOC teams aren't even aware of its presence. Typically, more devices in an organization mean a greater attack surface for cyberattackers. With no visibility or control, it's impossible to ensure security for the data stored in those devices or applications. When your employees rampantly use shadow IT devices or applications, it means you have zero visibility and control over those devices and apps. Here are more reasons why shadow IT is a security hazard for organizations: 1. This could expose stored data and other information such as contacts to unwarranted applications. Even if some of those apps are encrypted, they could still ask for permission to access stored files, make calls, access device cameras, and access your location. While the use of unapproved, un-vetted devices comes with a whole range of security risks, the use of unauthorized cloud storage puts organizational data directly at risk. Shadow IT poses several risks to an organization. How does shadow IT negatively impact an organization? The flexibility to work in a hybrid mode results in employees using a mix of corporate and personal devices to fulfill their daily tasks.There is a lack of support for technology, tools, or applications that are currently in use, prompting employees to try out alternatives.The approval process is slow or there isn't a proper one in place for introducing new technology or applications as needed.Alerts eliminate the hassle of constantly checking calendars for meeting updates. For instance, calendar apps that can send out alerts about events will be preferred over calendar apps that don't have this feature. Employees feel the need to off-load work to tools that can automate their tasks.For instance, an employee using an iPhone might not be comfortable using an Android phone. Employees may be biased due to their familiarity with other devices or software.For instance, employees may use WhatsApp to transfer corporate files. Employees find alternate tools that are more efficient than the ones given to them by their organization.Shadow IT results from one or more of these underlying problems: What is shadow IT?Īny application, device, or cloud technology used by employees in an organization without formal or explicit approval from the organization's IT team is called shadow IT. In this blog, we'll explore shadow IT in detail, how it impacts an organization, and how analytics can help you combat this menace. Though shadow IT endangers an organization in many ways, analytics can stop it. Sarah's confidential files would have been safe if she hadn't downloaded the prohibited application! Unfortunately for Sarah, she used her corporate email to sign up for the application, which created a loophole for cyberattackers to break into her system and steal confidential information. The use of such unapproved applications or devices is called shadow IT. ![]() One day, she decided to download an application that her organization had not approved, in the hopes that it would make her job easier and faster. Sarah, a sales manager for a large corporation, took great care in abiding by the rules and regulations of her organization. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |