Why shadow IT is fast becoming one of your organisation’s greatest threats
June 30, 2021

The dangers that shadow IT can present to your organisation have been growing for years.

For the uninitiated, shadow IT is the use of any software, app, or even hardware, without the approval and support of your organisation’s IT department. 

This can cover anything from downloading a videoconferencing app such as Zoom, sharing files via Dropbox or Google docs, the random use of unauthorised USB storage devices, or accessing unsecured Wi-Fi. 

As a direct result of need to keep remote workers connected during lockdowns, the growing frequency and popularity of shadow IT can make their use seem quite normal; regardless of whether they have received official approval from the organisation. 

It’s a trend that hasn’t been lost on the world’s growing legions of cyber-criminals. 

During lockdown shadow IT has presented hackers with even greater opportunities. 

Hackers quickly realised that the push toward remote working provided them with new opportunities to target vulnerable digital devices as an entry point into the wider corporate network. 

The result has been a huge rise in malware attacks over the last 12 months. 

According to a recent report from cybersecurity company Wandera, more than 50% of organisations stated that they had experienced an incidence of malware on a remote device during 2020. This was a whopping 40% increase over the figures published for 2019. 

To add to an already worrying scenario, 37% of the remote devices compromised by the malware continued to access company emails, while 11% were still free to gain access to their organisation’s cloud storage. 

And to complete an extremely bleak picture, 28% of organisations have been employing an operating system with a recognised security vulnerability, while reporting a 100% increase in employees connecting to ‘inappropriate content’. 

Just when you thought it couldn’t get any worseenter the fake collaboration app. 

Downloading genuine apps such as Zoom has brought their fair share of problems as has been reported repeatedly over the last year. 

But a new and invidious trend has seen remote workers being tricked into downloading malicious apps in the belief that they are installing something that will assist their productivity.

The source is often in the guise of phishing emails that are being downloaded by remote workers with potentially devastating repercussions. These fake apps claim to offer the latest and best collaboration tools, whereas in reality they have been created with the purpose of stealing data or accessing the user’s microphone or video camera in order to eavesdrop. 

As a result, any device compromised by the malware provides hackers with direct access to the corporate network. 

Not surprisingly 2020 saw a huge increase in hacker activity, especially ransomware. And while malware and viruses can cause major problems, ransomware can cost an organisation a fortune in both cost and damage to its brand. 

Crowdstrike’s 2020 Threat Hunting report revealed that there has been a dramatic increase in hands-on hacking activity. Instead of relying on automated programmed scripts, hackers are exploring these compromised scripts themselves, leading to a year-on-year increase in ransomware attacks of over 700%

It’s a frightening thought that just one user, downloading a single app hiding this malware could bring an entire organisation to its knees. 

The solution to growing problem 

No matter how often organisations warn their employees about the dangers of downloading unauthorised apps, the hard truth is that there is always going to be someone who ignores the rules. 

The only fail-safe method of preventing employees jeopardising the entire organisation through an act of carelessness is by removing their ability to make unilateral decisions without the approval of administrators. 

In order to fully safeguard your organisation from threats such as these requires a comprehensive range of actions:

  • Every end device must receive regular security updates.
  • Software package deployment should be centrally controlled as end users can’t be trusted to install software.
  • Anti-virus software must always be switched on and up to date.
  • Patch management should be up to date.
  • End users should be protected from downloading rogue software and browsing malicious websites.
  • End users should be restricted from by-passing security controls, such as the use of USB devices and personal computing devices.
  • Use modern security solutions to identify and prevent malicious data packets that infiltrate your network.
  • Monitor any potential cyber-threats before they impact and disrupt your network.

All well and good, but how can you ensure that all these elements are being monitored and enacted? 

How our Managed Digital Workspace helps keep you secure. 

With the demand for remote working continuing to grow, to counter the threats posed by shadow IT and fake collaboration apps, we deliver a security solution that delivers complete peace of mind.

Our Managed Digital Workspace incorporates five crucial elements designed to protect your distributed workforce from cyber criminals: 

  • VMware Workspace ONE intelligence-driven Mobile Device Management (MDM) platform.
  • Cisco Umbrella Secure Internet Gateway (SIG) for remote users.
  • Cisco Secure Endpoint (Advanced Malware Protection for Endpoints).
  • Cisco Talos Intelligence Group.
  • Quadris Security Operations Centre (SOC).

It’s an extremely powerful set of services that combine to deliver comprehensive protection together with ongoing threat analysis: 

  • Advanced policy control of digital workspace equipment, including encryption, USB access, patching, and application use.
  • Web access control through DNS-based internet proxy for mobile devices and Windows desktops.
  • Immediate identification and prevention of malicious data packets that are attempting to infiltrate your network.
  • Monitor any potential cyber-threats that are on the horizon, before they impact your network.

(For the full story click here.)  

Full support 24/7/365. 

Our Managed Digital Workspace also provides a round-the-clock service desk staffed by front-line technicians and backed up by industry leading experts.  

As a result, if a problem arises or a threat is detected you can rest assured that your IT network is in safe and secure hands. 

You stay in control. 

Historically, IT departments have been reluctant to employ external support for fear of relinquishing control. With this uppermost in mind, we have developed EyeQ, the intelligent customer portal that allows you to see with total transparency that we are delivering everything our Managed Digital Workspace solution promises. 

EyeQ provides you with a wide range of reports covering: any security incidents that have occurred, the present status of the anti-virus software, the status of all backups, proof that scheduled maintenance tests have all been completed, how many tickets are open together with the status of all tickets, adherence to all agreed SLAs, and more. 

It ensures that we always deliver on all our promises and you maintain complete control. 

Take the proactive approach and call us today.  

As we speak, someone, somewhere is downloading a fake collaboration app or accessing websites that could put their organisation as risk. Make sure it’s not one of your employees by introducing the protection offered by our Managed Digital Workspace solution. 

To discuss the security challenges faced by your organisation, contact Peter Grayson on 0161 537 4980 or email peter.grayson@quadris.co.uk

More Articles