What was once an annoyance to IT teams is now becoming a major threat to security performance managers. Increasingly sophisticated hackers are taking advantage of the shadow IT lurking in networks, even in some well-managed cybersecurity systems.
What is shadow IT, and why should your security team care? We’ve compiled a list of the most-asked questions surrounding shadow IT to help ease security managers’ concerns and offer realistic solutions.
Shadow IT can refer to a number of different IT applications, cloud software, outside technologies, and devices (laptops, smartphones, etc.) that are connected to an organization’s network without the knowledge of the IT department. These non-approved technologies aren’t vetted through the usual IT vendor onboarding process, which means they might have security standards that are below your organization’s normal risk thresholds.
It can be hard to believe that your IT department would miss critical vendors being given access to your network, but research shows that the average organization houses over 900 unknown cloud services, and 80% of workers surveyed admit to using SaaS applications at work without getting approval from IT.
It might be hard to believe in the danger of shadow IT if security managers aren’t constantly talking about it. In reality, the sources of data breaches are not always made public, and that can be because security teams are embarrassed to admit to having shadow IT. Major data breaches, like SolarWinds, are impacting large numbers of companies because IT departments weren’t aware that SolarWinds software was present, as it had been downloaded by an employee for free.
Shadow IT is there, and it’s worth worrying about. With today’s remote office environment, employees around the world are accessing their organization’s network from home internet connections. This means that anyone else using that same internet connection is also connected to the company’s network, which dramatically expands the attack surface for bad actors to infiltrate.
Your employees most likely are not trying to welcome bad actors onto your network by choosing to bypass IT protocols. In reality, the most common reason for shadow IT on your network is that your employees are trying to work more efficiently and are trying out a new service or cloud provider. Sometimes team leaders don’t realize that even seemingly small integrations still need to be run through IT, and other times the need is urgent and employees don’t want to wait for the IT audit to be completed.
In other instances, employees might be very conscious of their cybersecurity decisions on the company network, but don’t know how using a remote internet connection or using personal devices for work could impact the company. Including shadow IT in your employee cybersecurity training is the best way to educate your workforce about the potential danger of their decisions.
Protecting your organization from bad actors requires a monitoring technique that scans for shadow IT. Manual processes or tools requiring oversight from a member of the IT department can be time-consuming, and can fail to monitor every corner of your network.
With BitSight for Security Performance Management, customers are given access to Attack Surface Analytics. Attack Surface Analytics specifically helps program managers discover hidden assets and cloud instances on your network. BitSight will then assess the discovered areas of shadow IT for their inherent risk to your business and help bring them into line with your corporate security policies.
If you’re curious about what shadow IT is lurking in your network, you can request an Attack Surface Analytics report with BitSight today.