How Risky Behaviors Hurt Shadow IT Security

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11
Next How Risky Behaviors Hurt Shadow IT Security-8 Next

Staff Collaboration Using Evernote Means Shadow IT

Employees like using Evernote because of its collaboration tools. However, as Sateesh Narahari, VP of Product with ManagedMethods, points out, in some industries, like health care, using Evernote can result in compliance violations. For example, Narahari says, in order to efficiently share patient info between staff members, the team uses Evernote to record information from patient visits, lab results, phone conversations with patients, prescription requests, etc. "It's their own version of Electronic Health Records, but unfortunately not secure and definitely not in line with HIPAA regulations. The practice is essentially sharing all this patient information with the world since it is stored in the cloud without required security measures to prevent hackers accessing that info and wreaking havoc with it."

Shadow IT is the use of assets that don't fall under the management of the IT department, and, says Phil Richards, CSO of LANDESK, it can be a huge security problem, especially for those companies that don't have a strong IT department to monitor application and device use, or when policies are too restrictive to allow employees to do their work efficiently. "The existence and growth of shadow IT is usually a sign that the central IT organization is not meeting the needs of the business," says Richards. This means too many employees are going rogue to do their work.

This is putting both the network and its data at risk. For example, Symantec's Shadow Data Report analyzed the business readiness of over 15,000 cloud apps and services based on more than 60 security criteria. The result was that only 1 percent of these apps were found secure enough for business use. Many apps and services are already a security risk, but when they are used as shadow IT, the potential threats go unchecked.

 
 
More Slideshows

Remote wipe 10 Steps Your Organization Should Take to Keep Mobile Device Data Secure

In the wake of new reports of serious breaches of mobile devices and data, security professionals share their tips for securing mobile devices and their favorite security solutions. ...  More >>

Privacy rollback Security Pros Give Their Opinions on ISP Data Privacy Rollback

IT staff, organization leaders, and the average citizen have all expressed levels of concern over the FCC about-face in regard to ISP privacy. Here’s what the security experts say. ...  More >>

IBM Watson How and Why Companies Are Incorporating the Power of IBM Watson

Watson continuously learns from previous interactions, gaining in value and knowledge over time. Learn how companies are harnessing that AI power to create and improve products and services. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.