77 percent of IT professionals believe their organizations could earn an edge if company leaders were more collaborative with their businesses to find shadow IT solutions, according to a survey of 1000 US-based IT professionals by Entrust Datacard.
As organizations adapt to changing technologies, employees are eager to use productivity solutions that help them function more efficiently — even if these solutions are outside the company’s IT rules and processes. This is the shadow IT infrastructure – ungoverned and unapproved solutions from file hosting services to personal smartphones on the corporate network that introduce serious security blind spots for management.
While today’s IT departments often lack the processes and protocol to allow employees to use their preferred technologies securely, with the right collaboration between IT and executive leaders, organizations have the potential to deliver the agility needed to embrace shadow IT and create a competitive advantage.
“Security of both customer and company data is a top concern for every enterprise, but employee satisfaction comes in at a close second,” said Anudeep Parhar, CIO Entrust Datacard. “As the number of workplace technologies increases, IT teams must create more agile organizations that embrace modern security protocols — from high-security passwordless systems access to hands-free authentication — while preserving employee innovation and collaboration.”
Empowering employees to use their preferred tools
IT teams recognize the rise in shadow IT suggests employees want better ways to work. 77 percent of IT employees surveyed believe that their organizations could earn an edge over competitors if company leaders were more collaborative about finding solutions to shadow IT needs from both IT and non-IT employees.
Ignoring employee requests drives more shadow IT
Slow IT approval processes can frustrate employees and lead them to introduce even more security risks to organizations. Only 12 percent of the IT departments surveyed follow up on all employee requests for new technologies.
Communicating the risk of shadow IT
Although IT departments are aware of the security risks of shadow IT to their organizations, most employees are not. More than one-third (37 percent) of the IT employees say their organization does not have clearly outlined internal consequences for when employees bring on new technologies without IT approval.
Does your shadow IT problem come from within IT itself?
While most would think IT departments are the most diligent when it comes to following protocols, this is not always the case. 40 percent of the IT employees reported having used a device, application or other technology that is new to the organization without first receiving approval from IT.
Solve the shadow IT challenge
Research findings suggest that it’s more important than ever for organizations to identify the right solution or combination of solutions that best protect them from security threats without disrupting employee productivity, such as:
- For cloud-based productivity tools, organizations should consider CASBs to extend the reach of security policies beyond company infrastructures.
- When technology approval and other security processes create too much friction for employees, organizations should consider identity-based security solutions to create a 360-degree view of employees based on a profile of factors like the user’s usual IP addresses and location.
- To navigate changing regulations and standards, organizations should consider investing in compliance to establish that alignment with industry regulations is a top priority for the company.
Security
via https://www.aiupnow.com
Help Net Security, Khareem Sudlow