Shadow IT

 Shadow IT 

As software-as-a-service applications have become increasingly quick and easy to use, employees can now download solutions onto their workstations to help them get the job done. However, many are using these applications with little regard for security. It’s not surprising then that a 2019 Forbes Insights survey titled “Perception Gaps in Cyber Resilience: Where Are Your Blind Spots?” found that more than one in five organizations experienced a cyber incident originating from an unauthorized — or “shadow” — IT resource.

What you need to know: Shadow IT refers to IT applications and infrastructure that employees use without the knowledge and/or consent of their organization’s IT department. These can include hardware, software, web services, cloud applications and other programs. In general, well-intentioned employees innocently download and use these applications to make their work easier or more efficient. It’s a phenomenon so pervasive that Gartner had estimated that a third of all enterprise cybersecurity attacks would be from shadow IT resources in 2020. Because users are accessing these applications largely under the radar, they are often unintentionally opening the floodgate for insider threats, data breaches and compliance violations.


Comments

Popular posts from this blog

Compromised Credentials

SQL Injection