What is ‘Shadow IT’?
Shadow IT refers to the various web tools informally in use within most organisations. These tools are often chosen without reference to IT or to management in general.
They are often used for all the very best reasons. Your colleagues have work to do, and these tools help them, so they get used. You might know about some because there is a subscription charge, but others might be free.
These tools can be anything from simply keeping lists of tasks to do, sharing information or managing workflows, providing newsletter lists, or recruiting staff. Its endless.
There’s all sorts of web pages out there that your people will be finding useful and will be using.
The question is, do you know what is being used on your behalf?
Even more importantly, do you know who’s got access to them? As your staff come and go, do you know to change passwords or reset user accounts to make sure that no one who has left you (maybe even gone to a competitor) is still able to access your confidential data?
Shadow IT is one of the largest threats to data privacy in organisations today. It’s not necessarily because these sites are going to be hacked, although it’s always possible, but it’s because if you don’t know the tools are in use, then there is no way that you can manage them!
The first step to maintaining this data is to identify them, and that’s why you need new tools that are cloud focused.
If you’re still using the same old security tools that you used prior to the cloud, then you are simply not keeping up and we need to talk!
Here’s a story about what happens if you don’t have this under control: Why you need to know all the cloud services that your organisation uses – IT Solutions and Managed Services (new.outsource.co.nz/)
Shadow IT is part of our 10-point cyber-security check list
While there is no single layer of technology that can guarantee you will be safe from hackers, you can reduce your risk by adding layers of protection. How many of our 10-point check list are in place for you?
Did you know that Microsoft Word has an option for sharing documents with colleagues so they can read and comment, but not change them?
Review Mode Now you can share documents with colleagues so they can comment, but NOT change your hard work. You can turn it on when you share by clicking on the “People you specify can edit >” line of the sharing window. That will mean they can open your document...
Phishing emails are getting smarter every day
In the old days (ie last year!!), a dodgy email had a whiff to it – there was something that triggered your subconscious. That’s because some phishing emails were really badly written with terrible English. But others just had a sniff about them- something that made...
A cyber-criminal only needs to get lucky once. You have to stay ahead of them all day, every day
"A cybercriminal only has to be lucky once, while a defender has to be lucky every minute of every day.” - Combating Ransomware - A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force. The message we hear from governance boards over...
Learn why use of Teams is growing at lightspeed
Learn why use of Teams is growing at lightspeed: In this webinar we looked at what new capabilities are driving increased usage. We then discussed which are most applicable to kiwi businesses, to help shortcut your learning on which you can apply to your...
Bad news email attachments
Some emails are more than just bad news No one likes bad news! But sometimes it can’t be helped. Sometimes it sneaks up on you. One of the most common ransomware attacks is through a compromised attachment in an email. It’s easy to say “only open stuff you expect” but...
When you willingly share data, how do you stop it leaking?
Data Leak Protection (DLP) is the name of several policies in Office 365, setting up what data can, and can't be, shared and with whom. Imagine being able to automatically identify private information like passport numbers, Health IDs or bank account details and make...
Newsflash – US Nuclear secrets leaked online through Shadow IT
This sounds like a nightmare that could never happen. US soldiers have been putting sensitive information online in non-secure third party websites. It defies belief, yet we’re reading that it happened. The story popped up on ‘Gizmodo’ . It is alleged that US Soldiers...
We’re not immune to outages either 🙁
Trans-Tasman outages On the 15th June Microsoft experienced issues across Australia and New Zealand with Teams calling. For Those of us using Microsoft Teams as our phone system, they stopped working. We experienced issues with inbound and outbound calls. The...
“LOCK ‘EM UP AND THROW AWAY THE KEYS”
Password Vaults and You With more and more websites necessary for our everyday activities, it’s getting harder and harder to manage passwords. By now, you will know not to write passwords on post-it notes and paste them on your screen. It's not uncommon for...
You probably have a cyber-insurance problem, but don’t know it
Good practice last year isn’t good enough anymore. Even cyber-insurance providers are getting more selective before accepting cover, or worse, before paying claims. With the number of claims skyrocketing insurers are increasingly asking, "What did you do to...