August 26, 2020 | By Moshe Dadush, Infrastructure Security Manager
Light the Shadow
We are all aware of COVID-19’s global influence, its impact on businesses, and the resulting new normal. In this write-up, we highlight one significant cyber security challenge that organizations do not address as required: Shadow IT.
Shadow IT refers to the use of covert channels, systems, or applications by users (employees and trusted groups) that have not been installed or configured by the right IT stakeholders in the organization, or approved/sanctioned by the business. Such instances pose a major risk to the business.
Some of the most common examples of shadow IT apps within an organization are applications used for collaboration, messaging, and day-to-day productivity, including:
- Collaboration apps: Dropbox, Google Drive
- Messaging apps: Skype, WhatsApp
- Productivity apps: Slack, Trello
With a large number of employees working remotely, the amount of data exchanged within and outside organizations has increased sharply. To get the job done, employees are increasingly using IT systems and services that may not have been formally approved and tested by the organization.
Users often take such actions unintentionally and with the aim of increasing their productivity. Even so, these activities should not be ignored, and organizations must work towards minimizing the risks from Shadow IT to their business.
Risks from Shadow IT:
Using unapproved or unsanctioned business applications can lead to massive information security risks, beyond the obvious financial and reputational risks.
We have highlighted some of the most common risks of using Shadow IT applications:
- Licensing: Using unlicensed applications can lead to high fines, including legal and compliance disputes.
- Compatibility: Installing new applications in an organization’s infrastructure without comprehensive testing in a separate non-production environment can cause operational failures in other systems and applications the business relies on.
- Confidentiality: With non-sanctioned applications, the organization lacks visibility and control, which can lead to loss of sensitive information without the organization being aware of it.
- Integrity: When an unsanctioned application is installed and corporate IT stakeholders do not know the origin of the installer files, the risk to the organization can be substantial. The installed files could contain spyware, malware, ransomware, etc., which could put the entire business at risk.
Mitigation:
There are several ways to overcome the Shadow IT problem, some of which we have detailed below:
- Permission: Organizations can prevent the installation of new applications, or restrict users who are not authorized from installing them.
- Monitoring: Continuous monitoring of what is happening at the endpoints and in the organization's network traffic is crucial and provides visibility into such instances.
- Asset Management: It is highly recommended to develop a catalog for all applications and services that have been evaluated and approved for use within the corporate endpoints and the associated infrastructure.
- Data Loss Prevention (DLP): Implementation of a DLP mechanism at an organizational level with the right tools and process (such as classification of sensitive information across the business) is crucial. This helps to identify and prevent leakage of sensitive information across the business.
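The Monitoring and Asset Management points above can be combined: compare observed web traffic against the catalog of approved services and rank what remains by data uploaded. The following is an added example, not code from the original article; the approved domains, the log format, the user names and the function names are assumptions, and the log lines are constructed sample data.

```python
from collections import defaultdict

# Assumed catalog of sanctioned services (the "Asset Management" list).
APPROVED = {"sharepoint.com", "office.com"}

# Assumed mapping of SaaS domains to the article's shadow IT categories.
KNOWN_SAAS = {
    "dropbox.com": "collaboration",
    "web.whatsapp.com": "messaging",
    "slack.com": "productivity",
    "trello.com": "productivity",
}

# Constructed sample proxy log: timestamp user host bytes_uploaded
SAMPLE_LOG = """\
2020-08-26T09:01:12Z alice www.dropbox.com 52428800
2020-08-26T09:02:40Z bob contoso.sharepoint.com 1048576
2020-08-26T09:05:03Z alice files.slack.com 2048
2020-08-26T09:07:55Z carol web.whatsapp.com 4096
2020-08-26T09:09:10Z bob notdropbox.com 100
malformed line
2020-08-26T09:11:00Z alice dl.dropbox.com 1024
"""

def match_suffix(host, domains):
    """Return the entry that host equals or is a subdomain of, else None."""
    host = host.lower().rstrip(".")
    for d in domains:
        if host == d or host.endswith("." + d):
            return d
    return None

def find_shadow_it(log_text):
    """Sum upload bytes per (user, service, category) for unsanctioned traffic."""
    totals = defaultdict(int)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            continue  # skip malformed records rather than abort the run
        _, user, host, sent = parts
        if match_suffix(host, APPROVED):
            continue
        service = match_suffix(host, KNOWN_SAAS) or host.lower()
        category = KNOWN_SAAS.get(service, "uncatalogued")
        totals[(user, service, category)] += int(sent)
    return sorted(totals.items(), key=lambda kv: -kv[1])

if __name__ == "__main__":
    print(*find_shadow_it(SAMPLE_LOG), sep="\n")
```

Hosts are matched on a dot boundary, so a lookalike such as notdropbox.com is reported as uncatalogued rather than being folded into a known service.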
As more and more organizations adopt the cloud and use cloud-based applications, both the risks and the attack surface increase dramatically.
The more visibility an organization has into its users’ activity, and the better it understands how to provision new tools and technologies for them, the more it can increase overall productivity while reducing the presence of unauthorized tools within the organization.
Stay Safe with TrustNet!