Threat Tuesday: The Risk of Shadow IT


Are you providing the tools your company needs to do its job? You may get different — and surprising — answers depending on exactly who you ask. While you may feel that you are providing good service to your employees, they may have a different viewpoint. And that difference presents a serious security threat to your business.

“Shadow IT” is any IT service used by your employees for business purposes without the knowledge or consent of your IT team. Most commonly, this means cloud services like Slack, Google Docs, and Dropbox — but it can include use of personal email accounts and mobile devices for unauthorized activities.

And it’s a widespread trend. A recent Stratecast survey reported that 80% of employees have made use of a third-party service for work without IT approval.

The security risks of shadow IT can hardly be understated. Recent data breaches have included millions of email addresses and common passwords, which are constantly being used to attempt to break into cloud providers. And even mature services can still be breached, leaving your data exposed.

So what can you do to reduce the risk of shadow IT? First, you need to be in tune with what your business needs to get the job done. If current tools aren’t working, look for alternatives that keep you in control of your business. Mature cloud services offer enterprise control panels, granular data management, and many other features that keep you in control while giving your employees the convenience they need.

Shadow IT can impact the end of the IT lifecycle too. Does your company have a trusted partner to securely dispose of old equipment? CyberCrunch can help you to reduce waste while keeping your data from falling into the wrong hands — contact us today.