• Tags:
  • shadow it

IT Security

Under the radar: Shadow IT – the eternal battle

04. April 2024, Avatar of Sebastian WasikSebastian Wasik

For IT admins, seamless monitoring of their network endpoints is one of the most important prerequisites for detecting and preventing security threats as early as possible. Shadow IT – unauthorized hardware and software on the company network – is a long-standing concern. And new studies show that the challenge is not getting any smaller. 

In short

  • Increasing employee use of cloud-based applications, generative AI and app store applications is increasing the complexity and risks of shadow IT.
  • The use of unauthorized software and devices poses considerable security risks by increasing the number and type of attack surfaces for hackers to exploit. 
  • Advanced analytics and inventory tools such as SAM, MDM, UEM, and CASBs are critical for detecting, monitoring, and managing these risks. 

The emergence of cloud-based self-service applications, generative AI and readily available applications from app stores brings with it a secondary challenge for IT departments: users are no longer limited to the applications managed by the company. Instead, they are increasingly using tools that they feel will simplify their work or make it more efficient. At a time when the boundaries between professional and private use of the Internet are becoming increasingly blurred, especially on mobile devices, the use of unauthorized software on corporate networks poses an ever more complex threat. The problem of so-called shadow IT is persistent and expected to increase. Gartner reported that 41 percent of employees in 2022 either acquired, modified or created technologies to use at work that were not under the control of IT . By 2027, that figure is estimated to increase to 75 percent.

Risks hidden in the digital shadows

Shadow IT mainly arises when employees want to work in ways that seems most efficient to them. They often have had positive experiences with certain applications or find them more effective than the solutions approved by the company. In some cases, the company may not even provide an officially approved solution for specific needs such as messaging or file sharing, prompting employees to turn to alternatives such as Dropbox, WhatsApp or Google Drive. In other cases, the procedures for requesting approval to use different resources or services are seen as slow and inefficient.

Common reasons that lead to shadow IT in companies

  • No authorized way to share large amounts of data with third parties
  • Use of software used by external partners, e.g. suppliers, technology partners or sales partners
  • Devices that provide a critical service and are incorrectly configured
  • IoT or other smart devices that employees introduce without authorization (smart doorbells, digital assistants, printers, etc.)
  • Wi-Fi access points that provide coverage or types of access that the company has not provided
  • Unapproved messaging or video conferencing services that are not monitored
  • Readily available external cloud storage services to share files with third parties or that allow employees to work from home with an unauthorized device
  • Use of tools that access company data
  • Alternative project management or planning services in place of enterprise tools

The use of unauthorized devices, apps and services poses immense security risks due to a lack of IT oversight and control. The growth of home-based and mobile work and new generative AI tools exacerbates this problem. Shadow IT differs from BYOD, where effective policies allow companies to manage risks by controlling company data and resources allowed on the user's device.

When shadow IT is in use, IT admins have no way to detect, assess, or manage risks, particularly at a time when cyberattacks are becoming increasingly common. When users become the target of ransomware or malware, admins urgently need an overview of affected devices to prevent the spread of the infection to the rest of the network. This is because cyber criminals are using increasingly sophisticated methods to infiltrate companies and encrypt sensitive data, often with the aim of extorting ransom payments. Employees are often unaware of or disregard the potential risks that the use of such software and personally managed SaaS tools can pose.

Acting instead of waiting: Important key measures

Combating shadow IT starts with shedding light on your company's digital shadows. While manual methods of checking endpoints are outdated and inadequate, advanced analytics and inventory tools that enable silent monitoring can provide a detailed understanding of the resources in use. That degree of network transparency is essential for developing an effective plan to prevent or solve the problems caused by shadow IT.

  • Create transparency –Tools such as Software Asset Management (SAM), Mobile Device Management (MDM), and Unified Endpoint Management (UEM)  enable IT teams to gain visibility into software usage across their network. The removal of local admin rights and the implementation of application whitelisting further strengthen security. Cloud access security brokers (CASBs) are also playing an increasing role in IT security. They provide visibility, compliance, data security and threat protection in cloud environments, making them essential for organizations using cloud services.
     
  • Establish proactive IT management – The tools mentioned above help IT admins act proactively and reduce shadow IT. This enables them to ensure control over software versions, efficiently install updates and patches, detect vulnerabilities and continuously manage end devices. Automated software distribution simplifies standardized rollouts. Self-service portals give users more autonomy within a controlled framework and relieve IT staff of the need to manually process individual user requests. Managing the IT landscape is a continuous process that needs to be constantly adapted and monitored to ensure that the procedures are optimally aligned with your requirements and constraints.
     
  • Train and involve employees – Employee training also plays a central role in reducing shadow IT. Regular security training, communicating clear guidelines and creating a user-friendly IT environment can raise awareness and minimize the use of unauthorized devices and software. In times of remote working, it is also important to ensure comprehensive control over all devices that access company data and to promote a culture of security.

Shadow IT as an opportunity?

The existence of shadow IT has an enormous effect in one respect: IT departments need to rethink and adapt their corporate guidelines. Shadow IT provides important indications that the officially approved IT solutions do not meet all employees’ needs for efficient work processes. IT specialists should therefore always try to understand the needs that unauthorized applications meet and what secure alternatives they can offer. 

Stay in touch

Shadow IT will always be a part of modern business computing, but IT departments can minimize the risks through proactive measures and the use of appropriate tools. The keys to success lie in transparency, control and open communication with users to increase awareness of the risks, and an understanding of how their own user behavior contributes to a secure and efficient IT environment. 

Understand and efficiently manage shadow IT

Declare war on shadow IT with transparent endpoint monitoring - find out how the baramundi Management Suite (bMS) can help. 

Reduce your shadow IT risks with the bMS

  • Tags:
  • shadow it

Read more

Entries 1 to 3 of 3