Halloween is right around the corner. Costumes, candy, trick or treat — every shadow is a potential fright, every bump a ghost! Halloween comes once a year, but for your organization, invisible threats to your data and productivity happen daily. While the news is filled with stories of external cyber attacks, it’s still important to remember that critical data loss can occur as a result of employee behavior as well.
Shadow IT – What’s the Risk?
Shadow IT is a Halloween-worthy example of employee behavior that isn’t intentionally malicious, but can impact corporate security, compliance and can put your Office 365 data at risk. Shadow IT is defined by Gartner as software, services and devices that are managed outside of, and without the knowledge of the IT department.
At one time Shadow IT was limited to software programs employees purchased at office supply stores and loaded onto their computer. However, with the proliferation of consumer apps, SaaS, the cloud, and free file sharing tools, securing your environment against Shadow IT has become a frightful IT security and regulatory challenge.
According to Brian Lowans, an analyst at Gartner, “Most organizations grossly underestimate the number of Shadow IT applications already in use.” In fact, according to Microsoft, 80% of workers admit to using SaaS applications not approved by IT to help do their jobs.
If SaaS and cloud-based apps exist outside your IT organization’s knowledge AND firewall, they can create vulnerabilities for hackers to exploit. Once your organization has been breached, ransomware or viruses proliferate across your organization quickly, leading to data loss, loss of IP and productivity. Unfortunately collaboration tools such as SharePoint Online can accelerate a virus throughout your organization. Beyond data protection, your organization may also be liable for compliance violations which come with audits and penalties.
Making Shadow IT Disappear
To protect against Shadow IT one needs a mixed approach to data security that engages people, process, and technology. This can be particularly tricky since it requires not only locating the unauthorized technology, but also requires behavioral changes across your organization. To defend your organization against Shadow IT, and most importantly, protect your data, we recommend the following five steps:
1. CREATE A TEAM: which includes stakeholder input from business units, IT, compliance, and security teams to put rules and regulations in place to help prevent future employee breaches.
2. AUDIT YOUR ORGANIZATION: Perform a hardware and software audit across your organization to identify which rogue applications and SaaS employees are using. Determine what data is uploaded and downloaded? Identify unprotected paths to the cloud. This information enables you to remove unwanted applications, determine which accounts and devices have been potentially compromised, and implement security measures and policies to prevent those programs from being accessed again. On a positive note, a full audit will uncover usage patterns and point to business need that IT should fill with authorized software or SaaS.
3. CONTROL YOUR DATA: Once you have visibility into your Shadow IT footprint, implement more granular data access policies. For example, enforce policies that control or restrict data types, that block any app/SaaS downloads without Manager and IT approval, or that put users in quarantine if they violate a security policy. Take concrete measures to gain control of your environment and its touch points to the cloud.
4. EDUCATE: your organization about security risks, and their compliance obligations; how their behavior – specifically downloading software to the corporate network or using unauthorized endpoints create security vulnerabilities. Many employees download apps to help them do their jobs better. In all likelihood they are not aware of the the security and compliance risk they pose. Another solution is to use SharePoint Online to create an intranet on the subject of Shadow IT and general security risks for your employees.
5. PROTECT: In addition to security monitoring from the endpoint through the network to the cloud and data centers, use Spanning Backup for Office 365 as part of your security solution. With backup and recovery functionality in place, if Shadow IT results in a virus or malware attack causing interrupted productivity or data loss, simply use Spanning to roll back your data to the date exactly before the attack or data disruption occurred. In that way, you will always have a “clean” and complete copy of your data to revert to.