Do you know where all your organisations data is? You don’t know what you don’t know

17 Jun 2021 | Security

What is ‘Shadow IT’?

Shadow IT refers to the various web tools informally in use within most organisations. These tools are often chosen without reference to IT or to management in general.

They are often used for all the very best reasons. Your colleagues have work to do, and these tools help them, so they get used. You might know about some because there is a subscription charge, but others might be free.
These tools can be anything from simply keeping lists of tasks to do, sharing information or managing workflows, providing newsletter lists, or recruiting staff. Its endless.

There’s all sorts of web pages out there that your people will be finding useful and will be using.

The question is, do you know what is being used on your behalf?

Even more importantly, do you know who’s got access to them? As your staff come and go, do you know to change passwords or reset user accounts to make sure that no one who has left you (maybe even gone to a competitor) is still able to access your confidential data?

Shadow IT is one of the largest threats to data privacy in organisations today. It’s not necessarily because these sites are going to be hacked, although it’s always possible, but it’s because if you don’t know the tools are in use, then there is no way that you can manage them!

The first step to maintaining this data is to identify them, and that’s why you need new tools that are cloud focused.

If you’re still using the same old security tools that you used prior to the cloud, then you are simply not keeping up and we need to talk!

Here’s a story about what happens if you don’t have this under control: Why you need to know all the cloud services that your organisation uses – IT Solutions and Managed Services (kinetics.co.nz)

Tracking Shadow IT is part of our KARE for Security S2 plan.

 

Pretending to be you or your colleagues

Pretending to be you or your colleagues

On some emails, you might see a warning that marks them as being ‘external’. This gets added as the email comes into your organisation. The idea is a simple one – if you see an email marked as external, then you will be more cautious with it. If you see an email that...

Avoiding ad trackers when you browse the ‘net

Avoiding ad trackers when you browse the ‘net

Your own personalised stalker It always seemed slightly creepy that your computer shows advertising that is strangely accurately targeted at things you might have been interested in.  On the surface, that seems quite useful.  If you have to tolerate ads on your...

Phishing emails are getting smarter every day

Phishing emails are getting smarter every day

n the old days (ie last year!!), a dodgy email had a whiff to it – there was something that triggered your subconscious. That’s because some phishing emails were really badly written with terrible English.  But others just had a sniff about them- something that made...

Bad news email attachments

Bad news email attachments

Some emails are more than just bad news No one likes bad news! But sometimes it can’t be helped. Sometimes it sneaks up on you. One of the most common ransomware attacks is through a compromised attachment in an email. It’s easy to say “only open stuff you expect” but...

“LOCK ‘EM UP AND THROW AWAY THE KEYS”

“LOCK ‘EM UP AND THROW AWAY THE KEYS”

   Password Vaults and You With more and more websites necessary for our everyday activities, it’s getting harder and harder to manage passwords. By now, you will know not to write passwords on post-it notes and paste them on your screen. Its not uncommon for...