What is ‘Shadow IT’?
Shadow IT refers to the various web tools informally in use within most organisations. These tools are often chosen without reference to IT or to management in general.
They are often used for all the very best reasons. Your colleagues have work to do, and these tools help them, so they get used. You might know about some because there is a subscription charge, but others might be free.
These tools can be anything from simply keeping lists of tasks to do, sharing information or managing workflows, providing newsletter lists, or recruiting staff. Its endless.
There’s all sorts of web pages out there that your people will be finding useful and will be using.
The question is, do you know what is being used on your behalf?
Even more importantly, do you know who’s got access to them? As your staff come and go, do you know to change passwords or reset user accounts to make sure that no one who has left you (maybe even gone to a competitor) is still able to access your confidential data?
Shadow IT is one of the largest threats to data privacy in organisations today. It’s not necessarily because these sites are going to be hacked, although it’s always possible, but it’s because if you don’t know the tools are in use, then there is no way that you can manage them!
The first step to maintaining this data is to identify them, and that’s why you need new tools that are cloud focused.
If you’re still using the same old security tools that you used prior to the cloud, then you are simply not keeping up and we need to talk!
Here’s a story about what happens if you don’t have this under control: Why you need to know all the cloud services that your organisation uses – IT Solutions and Managed Services (new.outsource.co.nz/)
Shadow IT is part of our 10-point cyber-security check list
While there is no single layer of technology that can guarantee you will be safe from hackers, you can reduce your risk by adding layers of protection. How many of our 10-point check list are in place for you?
“Request for Information” warning
A recently released report on the Botnet 'MasterMana' has highlighted a simple but effective social engineering technique. MasterMana has been spreading via emails requesting information on products or services offered by the target company. The email is...
Eliot Sinclair Case study – FlightPlan (Best Practice Review)
Overview Eliot Sinclair & Partners (ESP) provide surveying, engineering, planning, landscape architecture and urban design consulting. Headquartered in Christchurch, New Zealand, Eliot Sinclair have provided consultancy services across South Pacific and Asia with...
Those scamming so and so’s
In September, Kinetics held a lunchtime IT security event focused around a presentation by our CTO Bill Lunam. After taking us though an abridged history of the internet, and an update on the current status of Internet crime, Bill explained some specific’s around the...
Microsoft Update – Backup Authenticator (Two-factor authentication tool) and Window 10 1909 ?
Firstly, unless you just delete our emails, or ignore what we (and every other tech professional) have been saying, you should now be using 2FA (two factor authentication) on pretty much everything, especially your Office365. The downside is that you don’t want to...
Bigger than Texas?
Its easy to think of security as something that’s only for larger organisations. They can afford the fancy systems that lock down networks, wireless connections and endpoint PCs & mobile devices. After all, aren't they the only organisations that hackers target?...
Compare two (near) identical Word files, without going insane
Of course, in a modern cloud world, this shouldn’t happen! We should share a link to a file and use versions to maintain it’s history. But we’re not in a perfect work, and we often get multiple people updating copies of the same file. Its all good until we have to...
Scamming your payroll
Keep an eye on your payroll! We're hearing about a bold new scam in the US, but it's bound to come to our shores soon. It's probably more likely to be effective in larger businesses or ones with an outsourced payroll. Essentially, the scammers try to intercept staff...
Would you click on either of these?
You are most vulnerable when you are busy, frantically jumping from call to call, meeting to meeting, distraction to distraction. So when you get a dodgy email, it's very easy to open it. This morning, that was me! And, even as hyper-aware as I am, I still...
Is your phone one of the 25M infected Android phones?
Watch your phone! Agent Smith is the name of the somewhat dry villain character in the Matrix movie trilogy from the late 90's. He appears everywhere, instantly, taking over legitimate personas and replacing them with himself. So is a well-named virus (actually...
Why old versions of Microsoft Windows and Microsoft SQL are putting you at risk
Modernise your infrastructure and future-proof your technology Prepare for Windows Server 2008 and SQL Server 2008 end of support With the end of support for Windows Server 2008 fast approaching, and SQL Server 2008 recently expired, now is the time to start...