Three Major Shadow IT Security Risks in 2020

Many businesses that hadn’t previously provided remote working tools for their employees have had to go for a quick fix as lockdown forced people to stay at home.

The problem is that adopting ad hoc solutions risks undoing years of careful procurement and security management.

This leaves your business exposed to hackers and cybercriminals who are having a field day with hastily dispersed workforces. Gartner estimates that 33% of security attacks will be on Shadow IT resources this year. 

That’s not to say that Shadow IT is a new phenomenon or one that applies solely to remote workers. Shadow IT covers a wide range of ill-advised decisions, from executives buying a new smartphone to whole business units subscribing to a software-as-a-service solution unbeknownst to IT. The scale might be different, but the problem is the same.

In 2020 Shadow IT security risks are a mix of old and new. Here’s what to pay particular attention to.

Data Loss

One of the significant problems with Shadow IT is that it makes sensitive data vulnerable to leakage and theft and companies liable to fines for non-compliance with data regulations. 

83% of IT professionals reported that employees stored company data in unsanctioned cloud services, a challenge especially apparent with file sync and share tools.

Say Carlos in marketing populates Mailchimp with customer data for his email campaigns, and Anita in legal runs sensitive legal documents through Grammarly. Without thinking about it, they’re sharing a lot of essential data with external companies that IT doesn’t even know about. If either of these companies experiences a data breach, your IT department won’t even know that it affects them.

Once an IT team loses control over the software on its network and enterprise data is exposed by Shadow IT, it is no longer able to control who has access to that data.

While you cannot always control the sort of applications and services your employees use in the workplace, you can use data loss prevention (DLP) solutions to ensure the security of sensitive information. 

In recent years, DLP solutions have become more robust, taking advantage of new technologies such as machine learning, artificial intelligence and behavior analytics. A scalable DLP suite is a solid solution for small to medium businesses because it can grow with your company. 

Beyond DLP, you’ll also want to know what unauthorized apps are in use. A study from the Cloud Security Alliance found that 72% of IT leaders did not know the number of Shadow IT apps within their organization, but they want to.

The quickest way to gain visibility? Use a SaaS management platform like Augmentt. Our log file analysis framework automates the discovery work, so you can quickly identify every SaaS application being used on your network across the entire employee base.
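To show the kind of log analysis this discovery relies on, here is an added example (not Augmentt’s framework or code): it parses constructed web-proxy log lines, maps destination hosts to a constructed SaaS catalogue by registrable-domain suffix, and reports which apps are in use but not on the sanctioned list. The log format, catalogue and sanctioned list are all assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample log lines in an assumed proxy format:
# timestamp client_ip method url status bytes
SAMPLE_LOG = """\
2020-05-04T09:12:01Z 10.0.1.15 POST https://us1.api.mailchimp.com/3.0/lists 200 4821
2020-05-04T09:12:07Z 10.0.1.15 GET https://login.microsoftonline.com/common/oauth2 200 1120
2020-05-04T09:13:44Z 10.0.1.22 POST https://app.grammarly.com/editor/upload 200 98213
2020-05-04T09:14:02Z 10.0.1.22 GET https://outlook.office365.com/mail 200 5123
2020-05-04T09:15:09Z 10.0.1.31 POST https://app.grammarly.com/editor/upload 200 40211
2020-05-04T09:16:30Z 10.0.1.15 GET https://www.example.org/news 200 2210
"""

# Constructed catalogue: registrable SaaS domain -> application name.
SAAS_CATALOG = {
    "mailchimp.com": "Mailchimp",
    "grammarly.com": "Grammarly",
    "office365.com": "Microsoft 365",
    "microsoftonline.com": "Microsoft 365",
}

# Constructed list of applications IT has actually approved.
SANCTIONED = {"Microsoft 365"}

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d{3}) (\d+)$")

def app_for_host(host, catalog=SAAS_CATALOG):
    """Match a hostname to a catalogue entry by walking up its domain suffixes."""
    labels = host.lower().split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in catalog:
            return catalog[candidate]
    return None

def discover_saas(log_text, catalog=SAAS_CATALOG, sanctioned=SANCTIONED):
    """Return {app: {"clients": set, "requests": int, "sanctioned": bool}}."""
    usage = defaultdict(lambda: {"clients": set(), "requests": 0, "sanctioned": False})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the whole run
        _ts, client, _method, url, _status, _size = m.groups()
        app = app_for_host(urlsplit(url).hostname or "", catalog)
        if app is None:
            continue  # not a known SaaS destination
        usage[app]["clients"].add(client)
        usage[app]["requests"] += 1
        usage[app]["sanctioned"] = app in sanctioned
    return dict(usage)

def shadow_apps(log_text):
    """Unsanctioned SaaS apps seen in the log, ordered by how many clients use them."""
    report = discover_saas(log_text)
    return sorted((a for a, e in report.items() if not e["sanctioned"]),
                  key=lambda a: -len(report[a]["clients"]))
```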

Phishing Attacks

With remote work and Shadow IT, weak password practices can go unchecked, leaving your organization vulnerable to phishing attacks. As people sign up for new accounts, they may use weak passwords or reuse old passwords.

Credential stuffing and password reuse are the most common ways attackers gain access to your confidential information. A survey from Entrust Datacard found that an astounding 42% of employees surveyed still physically write passwords down, 34% write them on their smartphones, and 27% write them on their computers.

Additionally, nearly 20% of employees are using the same password across multiple work systems, multiplying the risk to sensitive data if a single password is compromised or stolen.

Although IT departments are aware of the security risks of Shadow IT to their organizations, most employees are not. Even the term Shadow IT makes most people think that it’s outside of their wheelhouse. With that in mind, it’s crucial to create a culture of security awareness that speaks to non-technical employees about what Shadow IT is and the risks associated with it.

Administrators and IT leaders need to help employees understand the risks of using unauthorized tools and how to implement best practices when it comes to trusting applications with company data.

Providing education such as cybersecurity training programs can be an efficient way for employees to better understand their responsibility for the company’s overall security.

Ransomware

Unsecured personal devices connected to enterprise networks are ransomware landing zones. According to IBM, ransomware was deployed 3x more than any other type of malware in cloud environments, followed by cryptominers and botnet malware.

Ransomware is a form of malware that, once it takes over a computer or network, threatens to deny access to or destroy an organization’s data. Ransomware can easily get into an enterprise network after being accidentally downloaded by an employee on either a business or personal device connected to that network.

Some surveys show that ransomware losses for businesses can average $2,500 per incident, and some companies are willing to shell out upwards of $50,000 to decrypt their data.

Author
Gavin Garbutt
Co-Founder & Chairman of Augmentt
