Shadow IT

Shadow IT To Remain A Focus For Both Cloud Vendors And CIOs

Shadow IT To Remain A Focus

Shadow IT, a phenomenon defined as building internal IT systems without the official organizational approval has been a growing concern for CIOs over the last few years. In 2015, it climbed to the top of the list of the emerging IT threats, with as much as 83% CIOs reporting they have experienced some form of unauthorized delivery of cloud services.

This trend has a lot to do with the increased use of mobile devices at workplace and unregulated data transfer through employees’ personal cloud applications, which makes organizations unable to control the flow of corporate data. Unsurprisingly, managing shadow IT implementations becomes a focus for both organizations and cloud vendors.

shadow-IT-tech

Among the major releases we’ve seen in 2015, IBM’s Cloud Security Enforcer gained significant attention by enterprise analysts and security experts as a solution that could greatly increase the safety of business apps. To enable organizations to effectively fight shadow IT, the platform provides the necessary features to monitor and analyze the use of cloud applications at workplace, and use this knowledge to minimize security threats. Apart from IBM, multiple other vendors compete in the market, aiming to redefine the ways enterprise works in the cloud.

New solutions for fighting shadow IT

Employees are more frequently turning to cloud applications to transfer corporate data and accesses company network remotely. This represents a major change for the IT infrastructure in modern businesses and makes the modern workplace more flexible. As a result, companies in the US and most other parts of the world increasingly hire remote workforce and introduce BYOD policies, all of which require new security systems to maintain maximum level of protection.

Comic Tech

To anticipate the demand for secure mobile workforce solutions, multiple cloud vendors have recently released platforms for managing data access and transfer. Apart from Cloud Security Enforcer, back in April, 2015 we also welcomed the launch of CipherCloud’s Cloud Discovery Enterprise Edition that aims to help large organizations enforce their security policies.

In a survey associated with the release, CipherCloud found that 86% of cloud applications used at workplace are unsanctioned, which is a figure that complements the one mentioned in the introduction. Obviously, the security vendors have a lucrative market to serve with their shadow IT solutions. However, even with the advanced security systems, organizations themselves still carry a great deal of responsibility over the ways this issue will be managed.

Addressing the issue directly

Given its scope, shadow IT can be highly difficult to control, due to the diversity of platforms and services potentially involved in creating a whole new infrastructure. The greatest problem, of course, is the fact that employees use the same services for both personal and business files. Yet, some analysts suggested that shadow IT should be embraced as a natural stage of the IT evolution. Furthermore, Gartner analysts had a similar view at the Gartner Symposium/ITExpo 2015. Namely, the general recommendation is to fight the problem by facing it directly, i.e. determining the true scope of shadow IT in the organization first. Speaking at the event, Gartner analyst Hank Marquis said:

Shadow IT for the right reasons, in the right areas, can create value,” adding that organizations have an untapped pool of resources that could be used. “The dark side is you’ll be responsible for the bad decisions all those shadow IT people make.”

workplace-byod

Marquis’ comments imply that the problem is tamable, although not that easily. Organizations first need to find out the ways to identify the number and type of apps used at workplace, as well as educate their employees on the best practices for using them. Currently, some popular apps such as Dropbox and Facebook are most frequently banned at workplace, but the organizations can always suggest more secure alternatives. In the file sharing space, these could be client-side encrypted services such as pCloud and SpiderOak, which provide a higher level of privacy for both personal and corporate documents. This way, the organizations can minimize the long-term risks associated with unregulated and reckless use of communication, file-sharing and storage applications.

After all, employees are still seen as the weakest link in corporate security. Therefore, they need to be educated on the best practices for keeping their accounts safe and on the great risk associated with file sharing. Finally, the organizations need to find the proper balance between adopting new solutions and ensuring the employees always have the necessary resources at their disposal. Only this way, organizations can take advantage of shadow IT, instead of trying to eliminate it completely.

Conclusions

The changing landscape of corporate communications is increasingly associated with the mass adoption of mobile devices that introduce a new level of business flexibility. At the same time, however, the mobile revolution increased organizations’ exposure to cyber risks through Shadow IT and this is precisely the problem today’s leading cloud vendors aim to solve. The latest solutions developed for the purpose promise another era in mobile-enabled businesses, thus representing an interesting new IT focus.

By Sarah Green

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information, resources and thought leadership services.

Contact us for a list of our leading programs.

GDPR Compliance: A Network Perspective

GDPR Compliance: A Network Perspective

GDPR Compliance Regulations can be a tricky thing. For the most part, they’re well thought out in terms of mandating actions that a company can or cannot take - they do a really good job ...
5 Ways the Cloud and IoT Have Transformed the Transportation Industry

5 Ways the Cloud and IoT Have Transformed the Transportation Industry

IoT Transportation Industry The Internet of Things has caused many industries to evolve - but few more than transportation. Here are just a few ways it’s changed the delivery of goods. Remember when websites like ...
How Leading Organizations are Leveraging Big Data

How Leading Organizations are Leveraging Big Data

Seeing The Big Data Picture “Data will talk to you if you’re willing to listen”— Jim Bergeson. Few can dispute that. However, the challenge comes when data transforms into bundles and stacks of unorganized and unstructured ...
Avoiding the IOT ‘Twister’ Business Strategy

Avoiding the IOT ‘Twister’ Business Strategy

IOT ‘Twister’ Most organizations’ ‪ IOT Strategy look like a game of ‪ ‘Twister’ with progress across important IOT capabilities such as architecture, technology, data, ‪ analytics and governance; variables comprising a series of random investments and decisions. There is something ...
GDPR – A Change in the Making

GDPR – A Change in the Making

Organizations all over the EU must be aware by now that the Data Protection Act (DPA) will be changed into GDPR (General Data Protection Regulation). Some of these changes might cause some compliance issues but ...
The Lighter Side Of The Cloud - Playing It Safe
The Lighter Side Of The Cloud - Checking It Twice
The Lighter Side Of The Cloud - Hydro Cancellation
Star Wars IoT CES
The Lighter Side Of The Cloud - Snowball Effect
The Lighter Side Of The Cloud - Once A Year
The Lighter Side Of The Cloud - The Letter "G"
The Lighter Side of the Cloud - Procurement
The Lighter Side Of The Cloud - Techwear

CLOUDBUZZ NEWS

Kaspersky Lab to open Swiss data center to combat spying allegations

Kaspersky Lab to open Swiss data center to combat spying allegations

LONDON (Reuters) - Moscow-based Kaspersky Lab plans to open a data center in Switzerland by the end of next year to help address Western government concerns that Russia exploits its anti-virus software to spy on ...
Security in the Cloud—A Little Known Advantage, Actually

Security in the Cloud—A Little Known Advantage, Actually

Okay, I’ll go ahead and say it: Public cloud infrastructures are more secure, and the security is more cost-effective, than the majority of on-premises data centers. That should get the blood flowing. With the word ...
Researchers combine wearable technology and AI to predict the onset of health problems

Researchers combine wearable technology and AI to predict the onset of health problems

A team of Waterloo researchers found that applying artificial intelligence to the right combination of data retrieved from wearable technology may detect whether your health is failing. The study, which involved researchers from Waterloo’s Faculties ...