Microsoft: Shadow IT leaves you vulnerable – Learn how to get control now
Shadow IT is here and it’s a threat to your organization. What is Shadow IT? It’s when your employees use unapproved devices, SaaS apps, or any other type of technology – without your consent- for getting their work done. As the traditional solutions do not have visibility to users’ actions, unfortunately, Shadow IT is neglected or ignored. For example, there are several organizations and IT teams that claim they are not in the cloud. But, the reality is, their employees already are. A study shows that more than 80% of employees admit to using non-approved SaaS apps for convenience, to be more productive, or because they are easier to use. Unfortunately, your employees are unknowingly putting your company at risk and could be maliciously sharing files and exfiltrating sensitive data. It is smart to get a handle on this now.
To be provocative – some argue that SaaS and Cloud App Security (CAS) is much harder than classic network-based security. Why, you may ask? Because employees can do what they want, from any device and from anywhere. This undermines the basic assumptions of the security models used today by IT teams. Network security tools assume employees are using the corporate network, while end-point security tools assume they are using a corporate device. But, if they can use any app, from anywhere in the world, none of these assumptions apply.
Cloud Security is an equally important control plane to lock down as part of your defense in-depth strategy. Additionally, it will help you get compliant with the new Global Data Protection Regulation (GDPR), being enforced by May 2018.
Read the entire article here, Shadow IT leaves you vulnerable – Learn how to get control now – Enterprise Mobility and Security Blog
via the fine folks at Microsoft.