Most organizations these days are focused on efficiency. This makes perfect sense, since efficiency generally yields profitability. In today’s business environment, many employees are tech savvy enough to be dangerous, and the desire to quickly implement technologies that drive efficiency has resulted in increasing amounts of Shadow IT.
Shadow IT is the result of individuals or business units bypassing the IT group when selecting, purchasing and implementing technology solutions. Individuals and business units may purchase additional wireless switches, routers, POS systems, mobile devices and IoT devices, without consulting the IT group, or even telling them they added these items to the network. It is a growing problem for most organizations and Gartner forecasts that by 2020, a third of the attacks on the enterprise networks will use Shadow IT devices as an entry point.
Shadow IT dramatically increases the risks to the enterprise network because the solutions are not vetted by IT for security risks, lack proper data access restrictions for guests, contractors and others, and don’t have IT monitoring the logs of these devices or applications to watch for suspicious activity. The risk is further increased when rogue IoT devices are added to the network, since IoT devices are known for poor security and most firewalls do not have the ability to see and secure these devices. All of these issues can cause network security gaps that leave organizations vulnerable.
Spotting Shadow IT Issues
Stopping or drastically reducing Shadow IT not only increases security, it also saves your organization time and money. When groups bypass the IT department and purchase Shadow IT solutions, they frequently duplicate purchases and soon, users begin asking the IT group to support devices or applications they do not even know exist on the network.
The first step to solving Shadow IT issues, is being able to see each device and network connection. Organizations can use today’s visibility technology to discover and lockdown rogue devices and connections. Using a network visibility solution that enables you to see a live inventory of every connected device has helped many organizations find multiple rogue devices and eliminate these entry points.
For example, Atrius Health used a visibility solution to get a clear picture of every device physically connected to the network. They found a number of rogue devices and then used a network access control solution to lock down all physical ports and access. Now, if a user tries to plug in an unregistered device or even moves a computer to another port, the IT group is alerted and shuts down the IP address, solving the Shadow IT issue for devices. (Read the case study.) This solution could also be used to identify and lock down wireless connections as well.
Another benefit of a good visibility solution is centralized management. It enables organizations with worldwide offices to centrally manage network access and authentication. Organizations can also use it to populate a Configuration Management Database (CMDB) for easier network management and upgrades. The best solutions should integrate with other security technologies, as well as offer pre-connect and post-connect device authentication and scans. This ensures that every device that connects to and stays on your network, meets your minimum security standard. For example, when Al-Zahid Tractor faced Shadow IT issues and required centralized management of connections, they were struggling to prevent users from using rogue hubs and switches to connect multiple devices on the same downlink ports. They selected a solution with a multi-access detection system to stop this practice and reduce Shadow IT concerns. (Read the case study.)
Rogue IoT Devices Increase Risk
The explosion of IoT devices also complicates things. Automating authentication of IoT and other headless devices is one of the most challenging parts of network security, since these devices lack a traditional “user” for authentication. With an advanced network security solution, rogue devices and rogue IoT devices, that attempt to access the network will not be authenticated and can be isolated pending review. With the explosion of IoT devices that can include everything from the office coffee maker to the copier, office managers and other employees who have never had to consider network security when purchasing products, may be inadvertently adding unsecured IoT devices. To combat Shadow IT, organizations should implement a technology solution that provides a live inventory of all devices, as well as ensures they can control all network access.
The bottom line is that reducing Shadow IT activity increases security, saves organizations time and decreases costs. For more information on how the Network Sentry product line can help alleviate Shadow IT concerns, watch an on-demand webinar on Detecting Rogue Devices on your Network.