dcsimg

How Risky Behaviors Hurt Shadow IT Security

  • How Risky Behaviors Hurt Shadow IT Security

    How Risky Behaviors Hurt Shadow IT Security-

    Google Drive and Shadow IT

    The security team at Bitglass points out that cloud productivity apps like G Suite are quickly coming out of the shadows, now officially sanctioned in many organizations. However, the team adds, many IT departments turn a blind eye to features like one-click sharing and components like the Google Drive sync client. This may be because these organizations lack the granular controls necessary to restrict access in risky contexts – unmanaged device use of the sync client, for example – and in failing to do so, expose themselves to a potential breach.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11

How Risky Behaviors Hurt Shadow IT Security

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11
  • How Risky Behaviors Hurt Shadow IT Security-9

    Google Drive and Shadow IT

    The security team at Bitglass points out that cloud productivity apps like G Suite are quickly coming out of the shadows, now officially sanctioned in many organizations. However, the team adds, many IT departments turn a blind eye to features like one-click sharing and components like the Google Drive sync client. This may be because these organizations lack the granular controls necessary to restrict access in risky contexts – unmanaged device use of the sync client, for example – and in failing to do so, expose themselves to a potential breach.

Shadow IT is the use of assets that don't fall under the management of the IT department, and, says Phil Richards, CSO of LANDESK, it can be a huge security problem, especially for those companies that don't have a strong IT department to monitor application and device use, or when policies are too restrictive to allow employees to do their work efficiently. "The existence and growth of shadow IT is usually a sign that the central IT organization is not meeting the needs of the business," says Richards. This means too many employees are going rogue to do their work.

This is putting both the network and its data at risk. For example, Symantec's Shadow Data Report analyzed the business readiness of over 15,000 cloud apps and services based on more than 60 security criteria. The result was that only 1 percent of these apps were found secure enough for business use. Many apps and services are already a security risk, but when they are used as shadow IT, the potential threats go unchecked.