Securing an on-premise IT eco-system is daunting enough but as users, teams, and organizations start relying upon services (Office 365, Google, Azure, AWS) in the cloud, the task of securing corporate data over unsanctioned data highways starts becoming an overwhelming task. According to Symantec, the average enterprise has over 1,500 cloud apps in use. Roughly, 13% of all data stored in the cloud are broadly shared and of these 1% contain compliance related data. Moreover, these services are used without the knowledge (unsanctioned) and approval of IT departments. Though the intentions for such application uses are typically just “to get things done” in the moment when companies are in a rush. Sometimes, these apps can become a permanent solution to solve these business processes that are either difficult to use or non-existent, any organization that has any data to protect or are under compliance regulations, this can become a severe liability. The easy way of fixing a business process may not always be the safest security practice.
With so many new cloud-based service offerings and integration to smart mobile devices the opportunity is there to increase overall business efficiency, but a security nightmare for anyone in charge. Approximately 66% of IT Pros aren’t sure how many devices are in their environment. When you combine this statistic with the fact that most users are now the “Root” user and IT teams are treated as “Guests” on these devices we are at a tipping point.
There needs to be a way to put a light on Shadow IT. The good news is that security vendors are finally addressing these new data paths and business services to suit the needs of their users. Instead of handcuffing them to traditional on-prem only environments or limiting them to just “popular” cloud providers such as office 365 or salesforce.com. Recent maturation of CloudSOC solutions, tighter integrations with security solutions like DLP, smarter (AI and Machine learning) endpoint and mobile security, and a unified platform to manage solutions, sensors, and common policy rollout can assist in tipping the scales back in the favor of IT Pros and get a better understanding of the ever moving and growing landscape of shadow IT.
Shadow IT assessments identify weaknesses which could result in increased usage of unsanctioned IT solutions and greater likelihood that these solutions are not detected. Through these audits they can get extensive risk analysis and exposure for both server side as well as mobile apps in the cloud. These services can also be extended to remote users and helps CSOs meet compliance monitoring requirements. They can evaluate thousands of cloud services and apply smart intelligence to automate processes or apply policies. Also, certain vendors can tie directly into other appliances and solutions to work together towards an integrated cyber defense strategy.
While the threat of Shadow IT will no doubt continue. The emergence of next gen cybersecurity vendors has at least given CSOs options they didn’t have a few years ago. Gaining better visibility in network traffic to the cloud married with better intelligence will allow them to make better decisions.