Shadow IT? Mitigate Your Risks with Network Documentation

The threat of Shadow IT… it sounds like something out of a Stephen King book or B-horror movie. I can see it now: “scary IT resources that are lurking and waiting — in the shadows — to attack at any minute or hour…coming to a network near you!”

In this blog, we’ll look at what shadow IT is and how you can ensure the network is secured despite it.

What is Shadow IT?

With IT-related threats ever increasing, you may have heard that shadow IT is now a very real cyber security threat. The term “Shadow IT” refers to any hardware, solutions, applications or other elements that aren’t known to and managed by the IT department.

The larger the organization, the higher the chances that shadow IT elements will start popping up in the network. It sounds paradoxical but, in many cases, shadow IT pops up exactly because requirements become too stringent and users feel the need to bypass processes to regain the productivity, real or perceived, that they lose to IT friction.

In a nutshell: because policies are so restrictive, users try to find shortcuts to customize their own apps, hardware and resources and bypass an organization’s IT security mandates.

Shadow IT elements can include:

  • Devices such as phones and laptops
  • Applications
  • File storage
  • USB drives
  • …etc.

The problem with shadow IT is two-fold:

1. If people bring in their own solutions without approval from their IT departments, organizations may end up purchasing things that aren’t needed. This results in underutilized IT resources, stranded assets and an overall wasteful network.

2. Even worse, IT elements that sit in the network without the knowledge of the IT department are very hard to secure. This is the main cyber threat: IT resources in the network that aren’t mapped to adequate risk metrics and security protocols.

It’s unavoidable: Shadow IT pops up everywhere, from upper management to anybody in the IT chain. That means it may be impossible to keep it out of the IT network and, unfortunately, shadow IT is probably here to stay…

Securing the IT network

So…what can we do to push back against shadow IT? If shadow IT resources are unavoidable, and it seems they are, then securing the network isn’t about avoiding shadow IT altogether. It starts with knowing that these elements exist in the network.

But how can you document the network if you don’t know all the elements that comprise it? A proper understanding of IT processes in a more dynamic environment, together with well-developed company policies, is a good start. Ultimately, though, as one of our favorite sayings goes, “you can’t manage what you don’t know”: a big step towards securing the IT network (including those shadow IT elements lurking in the background) is to discover them and make them part of your network documentation!

Discovering your shadow IT elements, and making them part of your network documentation, is possible with a network documentation solution that includes a proper discovery tool and maps new devices and applications with a scheduled frequency. If you can bring in all of the discovered elements into a central network mapping repository, you’ve already gotten half of the work done that’s necessary for properly securing the network.

With a tool like netTerrain, for example, you can start by discovering your network and setting up an automatic network discovery schedule. Scan a range of IP addresses or start with a seed IP address and then work your way, like a network crawler, toward a comprehensive list of all your assets.

netTerrain not only discovers your network but also brings in properties for each element, including system object IDs that can identify the type of element that exists in the network, as well as the applications running on it and what’s connected to it.

What’s more? You can schedule hourly or daily scans of the network to ensure you have an up-to-date map of your IT landscape. Discovered assets can be placed on top of physical, logical or application views providing you with your initial so-called “attack surface”. While it’s true that this process does not secure your network, it does give you the first basic tool so you can at least understand where your vulnerabilities may be — so you can then do something about them!
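The reconciliation step behind this approach, comparing each scheduled discovery run with the documented inventory, sketched as an added example (not netTerrain code and not from the original post). The `Asset` fields, function names, timestamps and sample data are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Asset:
    mac: str            # stable key; IP addresses move under DHCP
    ip: str
    sys_object_id: str  # SNMP sysObjectID, identifies the device type

def norm(mac):
    """Normalize MAC notation so 'AA-BB-..' and 'aa:bb:..' compare equal."""
    return mac.lower().replace("-", ":")

def reconcile(documented, scans):
    """Diff scheduled scans, [(timestamp, [Asset])] oldest first, against the docs."""
    doc = {norm(a.mac): a for a in documented}
    undocumented, changed = {}, {}
    for ts, assets in scans:
        for a in assets:
            mac = norm(a.mac)
            if mac not in doc:  # shadow IT candidate: track first sighting and recurrence
                entry = undocumented.setdefault(mac, {"first_seen": ts, "scans": 0})
                entry.update(scans=entry["scans"] + 1, ip=a.ip)
            elif (a.ip, a.sys_object_id) != (doc[mac].ip, doc[mac].sys_object_id):
                changed[mac] = a         # documentation record is stale
            else:
                changed.pop(mac, None)   # matches the documentation again
    seen = {norm(a.mac) for _, assets in scans for a in assets}
    return {"undocumented": undocumented, "changed": changed, "missing": sorted(set(doc) - seen)}

# Constructed sample data: documentation-range IPs and MACs, made-up sysObjectIDs.
DOCUMENTED = [
    Asset("00:00:5E:00:53:01", "192.0.2.1", "1.3.6.1.4.1.99999.1.1"),
    Asset("00:00:5E:00:53:02", "192.0.2.10", "1.3.6.1.4.1.99999.2.1"),
    Asset("00:00:5E:00:53:03", "192.0.2.11", "1.3.6.1.4.1.99999.2.1"),
]
SCANS = [
    ("2024-01-01T01:00", [
        Asset("00-00-5e-00-53-01", "192.0.2.1", "1.3.6.1.4.1.99999.1.1"),
        Asset("00:00:5e:00:53:02", "192.0.2.10", "1.3.6.1.4.1.99999.2.1"),
        Asset("00:00:5e:00:53:aa", "192.0.2.77", "1.3.6.1.4.1.99999.9.9"),
    ]),
    ("2024-01-01T02:00", [
        Asset("00:00:5e:00:53:01", "192.0.2.1", "1.3.6.1.4.1.99999.1.1"),
        Asset("00:00:5e:00:53:02", "192.0.2.25", "1.3.6.1.4.1.99999.2.1"),
        Asset("00:00:5e:00:53:aa", "192.0.2.78", "1.3.6.1.4.1.99999.9.9"),
    ]),
]
if __name__ == "__main__":
    print(reconcile(DOCUMENTED, SCANS))
```

An undocumented device that recurs across scans is a stronger shadow IT signal than a single sighting, and a documented device that never appears points to stale documentation rather than a new risk.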

To summarize, while shadow IT may be unavoidable, you can take a proactive approach. Automatic network discovery, such as what our software netTerrain includes, can help you discover what’s hanging out on the network so you can do something about it. As no company blog is complete without some kind of plug, here’s ours: you can get a 14-day free trial (no credit card required) of netTerrain and/or get your questions answered by clicking here.

Jan Durnhofer
As CEO / Product and Engineering Manager, Jan joined Graphical Networks with the purpose of creating the most advanced DCIM and IT visualization company in the market.
