What is shadow IT (Information Technology) in cybersecurity?
Shadow IT refers to hardware devices, software or services deployed within an organization's infrastructure without the approval or knowledge of the corporate IT department. These devices and services might be installed in datacenters (on-premises) or on cloud platforms (off-premises). Attackers can use such unsanctioned deployments to leak an organization's sensitive and valuable data without being noticed or tracked. Left unchecked, this can have a detrimental effect on the organization's reputation and on its very existence.
IT departments should work diligently to maintain a complete inventory of every device deployed and every service running within their enterprises. Furthermore, organizations should have mechanisms that ensure visibility into, and control over, the applications, hardware and services deployed and running on their platforms and infrastructure. Additionally, organizations should deploy network access control (NAC), endpoint detection and response (EDR), security information and event management (SIEM) and related solutions across all of their assets to continuously monitor users' actions and behavior. Together, these measures help organizations minimize the cybersecurity risks of shadow IT.
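One way to act on the inventory and visibility described above is to reconcile what the network actually observes against what IT has approved. The Python below is an added example, not part of the original article; the inventory, DHCP lease records, proxy log entries and every name in it are constructed for illustration.

```python
# Added example: all data below is constructed, all names are hypothetical.

# Approved asset inventory: MAC address -> asset tag
APPROVED_DEVICES = {"00:11:22:33:44:55": "LAPTOP-0142",
                    "00:11:22:33:44:66": "PRINTER-03"}
# Cloud services that IT has sanctioned
SANCTIONED_DOMAINS = {"mail.example.com", "files.example.com"}

# Observations as they might be exported from DHCP/NAC: (mac, ip, hostname)
OBSERVED_LEASES = [
    ("00:11:22:33:44:55", "10.0.0.21", "laptop-0142"),
    ("00-11-22-33-44-66", "10.0.0.30", "printer-03"),   # same asset, other MAC notation
    ("DE:AD:BE:EF:00:01", "10.0.0.77", "raspberrypi"),  # not in the inventory
]
# Observations as they might be exported from a web proxy: (user, destination)
OBSERVED_PROXY = [
    ("alice", "mail.example.com"),
    ("bob", "upload.fileshare.example.net"),
    ("bob", "UPLOAD.fileshare.example.net."),           # same host, different spelling
    ("carol", "files.example.com"),
]

def normalize_mac(mac):
    """Canonical lower-case, colon-separated MAC so notations compare equal."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def normalize_host(host):
    """Lower-case and drop a trailing root dot so spellings compare equal."""
    return host.strip().rstrip(".").lower()

def unknown_devices(leases, approved):
    """Return observed devices whose MAC is absent from the approved inventory."""
    known = {normalize_mac(m) for m in approved}
    return [(normalize_mac(mac), ip, name) for mac, ip, name in leases
            if normalize_mac(mac) not in known]

def unsanctioned_services(proxy_rows, sanctioned):
    """Map each unsanctioned destination to the sorted users who reached it."""
    allowed = {normalize_host(d) for d in sanctioned}
    hits = {}
    for user, host in proxy_rows:
        if normalize_host(host) not in allowed:
            hits.setdefault(normalize_host(host), set()).add(user)
    return {host: sorted(users) for host, users in hits.items()}

if __name__ == "__main__":
    print(unknown_devices(OBSERVED_LEASES, APPROVED_DEVICES))
    print(unsanctioned_services(OBSERVED_PROXY, SANCTIONED_DOMAINS))
```

Normalizing identifiers before comparing matters here: without it, the printer recorded with dashes in its MAC address would be reported as an unknown device.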
Last but not least, IT departments should work hand in hand with procurement departments and supply chain management functions. This enables enterprises to prevent unsanctioned devices and services from being introduced in the first place. In addition, organizations should proactively conduct comprehensive risk assessments before introducing BYOD options to their environments.