By now, you would have hoped that there had been enough data breach headlines and cyberattack scaremongering for every business to realise the importance of security. However, companies are often so busy focusing on external threats that they neglect their internal vulnerabilities. One such security failing that needs to be tackled from within is shadow IT.
[easy-tweet tweet=”#Cloud and #smartphone #technology has eroded the role of the #IT department in many businesses” user=”anke_philipp” usehashtags=”no”]
The rise of cloud computing and smartphone technology has eroded the role of the IT department in many businesses. The average employee is, by and large, comfortable with purchasing and using devices to access company data and applications, without making IT personnel aware. BYOD, remote working and cloud applications have all brought countless benefits, but they have also wrestled control away from businesses.
Of course, in most cases the employees engaged in shadow IT do not have any malicious intent. However, when staff act without authorisation, there can be risks involved. Firstly, shadow IT can be costly as many individual licenses fail to benefit from economies of scale. The use of third-party cloud applications also means that company data could be at risk. Clearly IT teams need to reclaim some level of control – but it is currently proving a challenge. A recent survey by Cloud Security Alliance found that almost 72 per cent of executives and IT managers do not know the number of shadow IT apps within their organisation.
when staff act without authorisation, there can be risks involved
For IT managers looking to gain a handle on the shadow IT taking place within their organisation, IBM Cloud Security Enforcer offers some hope. It provides IT teams with a clear dashboard breaking down the cloud apps being used and by whom. It also offers alerts if employees are breaking company policy or acting in a way that could put business data at risk. Previously, IT managers would have had to trawl through mountains of data to gain this information, but now assessing the risk of shadow IT is a much simpler process. Crucially, it give businesses visibility, as well as control.
IBM Cloud Security Enforcer also provides real-time threat intelligence, so businesses can respond rapidly to any potential vulnerabilities or attacks, and by covering PCs and mobile devices, it guarantees robust protection. Identity and access management is also provided to ensure that individuals only have access to the resources that are relevant to their work. IT managers can create an employee launchpad of approved cloud apps to ensure that there is always an easily accessed alternative to shadow IT.
[easy-tweet tweet=”The rise of #shadowIT stems more from employees trying to be productive than it does deliberate deception” usehashtags=”no”]
In fact, it is important to realise that IBM Cloud Security Enforcer isn’t about clamping down on employee freedom. The rise of shadow IT stems more from employees trying to be productive than it does deliberate deception. It’s important, therefore, that organisations still encourage this productivity, but introduce better safeguard for the business. With IBM Cloud Security Enforcer, it’s much easier for business to reduce risk without crippling employee freedom.
Anke Philipp, has just recently been appointed as the Director, MSP/CSP
Comments are closed.