Shadow IT Use By Employees Puts Organisations At Risk Of Cyber Incidents: Kaspersky

Globally, the use of shadow IT by employees was the cause of cyber incidents in 11% of organisations in the last two years.

(Source: Freepik)

About 89% of Indian organisations suffered cyber incidents in the last two years, and 20% of these were caused by the use of shadow IT, a report by cybersecurity firm Kaspersky showed.

Globally, the use of shadow IT by employees was the cause of cyber incidents in 11% of organisations in the last two years.

According to the report, the use of shadow IT by employees amid the growing trend towards a remote, distributed workforce puts organisations at a high risk of cyber incidents.

What Is Shadow IT? 

Shadow IT is the part of an organisation’s IT infrastructure that is outside the purview of the IT and information security departments, including software, applications, unsolicited devices and public cloud services. IT/security departments often don’t have knowledge of the shadow IT infrastructure, and it is not used by employees in accordance with information security policies.

Abandoned hardware, after IT infrastructure modernisation, can also be used in the shadows by employees, acquiring vulnerabilities that can later affect the company’s infrastructure.

“Employees who use applications, devices or cloud services that are not approved by the IT department, believe that if those IT products come from trusted providers, they should be protected and safe,” said Alexey Vovk, head of information security at Kaspersky.

“However, in the ‘terms and conditions’, third-party providers use the so-called ‘shared responsibility model’. It states that, by choosing ‘I agree’, users confirm that they will perform regular updates of this software and that they take responsibility for incidents related to the use of this software (including corporate data leakages),” added Vovk.

Deploying and operating shadow IT can lead to serious negative outcomes for businesses. The study revealed that the IT industry had been the hardest hit, suffering 16% of cyber incidents due to the unauthorised use of shadow IT in 2022 and 2023. Other sectors affected were critical infrastructure as well as transport and logistics organisations, which saw 13%, said the report.

Shadow IT Risk Mitigation

To mitigate the risks of using shadow IT, the study recommended the following steps:

  • Build cooperation between the business and IT departments to create new and improved IT services.

  • Regularly conduct an inventory of IT assets and scan the internal network to avoid the appearance of uncontrolled or abandoned hardware and services.

  • On personal employee devices, give access to only the resources they need to do their job. Use an access control system to allow only authorised devices.

  • Carry out training programmes to improve the information security literacy of employees and also of IT security specialists.

  • Deploy products and solutions that allow you to limit the use of unsolicited apps, websites and peripherals.

  • Limit the work of employees with third-party external services and, if possible, block access to the most popular cloud information exchange resources.

“At the end of the day, business needs tools to control the shadow IT when it’s used by employees. The information security department will of course still need to conduct regular scans of their company’s internal network to avoid the unauthorised use of uncontrolled and unsafe hardware, services and software applications,” said Vovk.
