Risk Management

Shining a Light on Shadow IT

You need something from the basement, but it’s as dark as pitch down there. You flick on a light to see something scurry into a corner, into the shadows. Do you dash back upstairs and conveniently forget about what you saw, or do you bravely reach for the flashlight and pursue the enigma further? That’s the kind of dilemma IT faces all the time. In an article for Fierce CIO, Torsten George explores the notion of shadow IT: the unsanctioned use of apps and technologies by business users and departments alike.

Why Pursue Shadow IT?

IT has standards for a reason. COBIT, Basel II, HIPAA, FISMA, PCI DSS: they’re all designed to prevent the kind of havoc that shadow IT inevitably produces. You know, like security gaps, misaligned systems, inconsistent service level agreements, and lack of visibility over security and controls. In a word, shadow IT is risky.

Identify and Neutralize

What kind of shadowy creatures are slinking around the corners of your organization? Perhaps you’ve got a SaaS infestation, a swarm of cloud use, or an invasion of unregistered apps. Before these pests eat away at the foundation of your institution by causing power outages, data loss, or unauthorized disclosure, take action to secure the premises with these easy tips:

  • Tip 1: Build a better IT environment–one that can withstand the intrusion of cloud-based applications by securely monitoring and handling those applications.
  • Tip 2: Develop a standard policy for handling cloud applications in every instance, allowing employees the benefit of understanding what does and doesn’t count as shadow IT.
  • Tip 3: Allow non-approved and cloud-based applications to flourish by channeling them through the proper security encryption.

As George notes, cloud providers should themselves be held accountable for the kind of security risks posed by shadow IT. Organizational trust is something that doesn’t run from the light.

Read the full article at: http://www.fiercecio.com/story/shining-light-shadow-it/2014-09-04

Show More

Leave a Reply

X

We use cookies on our website

We use cookies to give you the best user experience. Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.