Examples of shadow IT that could live on your network:
- Messaging apps used on corporate-owned devices (Snapchat, WhatsApp, Slack, Facebook Messenger, Signal, Skype)
- Physical devices not monitored by IT but connected to your network, including:
- Personal smartphones
- Laptops (we will hit on more later but this can include your family’s devices connected to your home internet while you’re working from home)
- Flash drives
- Cloud storage (Dropbox, Google Drive, AWS)
- Workplace efficiency apps meant to increase productivity (Trello, Airtable, Wrike, Monday.com, etc.)
- And more...
Q: If Everyone Has It, Should I Worry That Much?
It might be hard to believe in the danger of shadow IT if security managers aren’t constantly talking about it. In reality, when the sources of data breaches are not always made public, it can be because security teams are embarrassed to admit to having shadow IT. Major data breaches, like SolarWinds, are impacting large numbers of companies because IT departments weren’t aware that SolarWinds software was present because it had been downloaded by an employee for free.
Shadow IT is there, and it’s worth your worrying about. With today’s remote office environment, employees around the world are accessing their organization's network from home internet points. This means that anyone else using that same internet is also connected to the company’s network, which dramatically expands the attack surface for bad actors to infiltrate.
Q: My Employees Are Educated On Cybersecurity Best Practices, Why Are They Using Shadow IT?
Your employees most likely are not trying to welcome bad actors onto your network by choosing to bypass IT protocols. In reality, the most common reason for shadow IT on your network is because your employees are trying to work more efficiently, and are trying out a new service or cloud provider. Sometimes the team leaders don’t realize even the seemingly smaller integrations still need to be run through IT, and other times the need is urgent and employees don’t want to wait for the IT audit to be completed.
In other instances, employees might be very conscious of their cybersecurity decisions on the company network, but don’t know how using a remote internet connection or using personal devices for work could impact the company. Including shadow IT in your employee cybersecurity training is the best way to educate your workforce about the potential danger of their decisions.
Q: How Can I Locate Shadow IT On My Network?
Protecting your organization from bad actors requires a monitoring technique that scans for shadow IT. Manual processes or tools requiring oversight from a member of the IT department can be time consuming, and can fail to monitor every corner of your network.
Attack Surface Analytics from BitSight
With BitSight for Security Performance Management, customers are given access to Attack Surface Analytics. Attack Surface Analytics specifically helps program managers discover hidden assets and cloud instances on your network. BitSight then will assess the discovered areas of shadow IT for their inherent risk to your business, and then help bring them into line with your corporate security policies.
If you’re curious about what shadow IT is lurking in your network, you can request an Attack Surface Analytics report with BitSight today.