Shadow IT is garnering the attention of information security directors. But is it deserving of its newfound mindshare?
The security concerns around unsanctioned systems are understandable, though they may be somewhat misdirected. The true intersection between Shadow IT and security is found within unsanctioned SaaS applications that directly connect to sanctioned cloud platforms within the corporate environment. To date, CloudLock has discovered over 9,000 3rd party apps connected to corporate environments. A number of high profile security breaches – think Snapchat – have been traced back to 3rd party apps.
However, many of these applications offer compelling cases as user-selectable, productivity-enhancing business tools. To take advantage of the powerful suite of technology available today without introducing yet another risk vector, organizations must better understand the risk as well as the insight and controls necessary to remain secure.
The Risk of 3rd Party Apps
To determine the security risk, start by examining the application's access scope – that is, the capabilities users grant the 3rd party app when they enable it within the domain. Oftentimes, these capabilities include the ability to create, manage, delete, and modify files within the environment.
In and of itself, such functionality is innocuous and enables users to derive considerable benefit, often directly related to business operations, from the app. However, if the app is malicious by design or is compromised – something outside the control of your organization – the consequences could be considerable. The malicious actor could leverage the permissions granted to the application to externalize sensitive data or modify the domain.
Securing 3rd Party Apps
To secure these applications, organizations need visibility into the number of apps enabled within the environment, which cloud platform they are enabled within, what the access scopes are, and which users have enabled them, as well as their privilege level.
After surfacing this critical information, the ability to take action (whitelist or blacklist) based on risk profile and access scope becomes essential. Employee awareness matters just as much – use email alerts to notify users of risky apps, and, when necessary, revoke apps.
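The two sections above describe a workflow: inventory the apps connected to the domain together with their access scopes and the users (and privilege levels) who granted them, then decide per app whether to allow, alert on, or revoke it. The script below is an added example, not CloudLock's code and not any platform's real admin API. The grant records, scope names, risk weights and thresholds are all constructed for illustration; a real deployment would pull grants from the cloud platform's own OAuth-grant listing and use that platform's scope strings.

```python
"""Triage third-party (OAuth-style) app grants by access scope and user privilege.

Added example, not CloudLock's code. Grant records, scope names, weights and
thresholds are constructed for illustration; real cloud platforms expose their
own scope strings and admin APIs for listing and revoking grants.
"""
from collections import defaultdict
from dataclasses import dataclass

# Constructed scope catalogue: scope string -> risk weight. File-modifying and
# domain-level scopes weigh most because they let a compromised app externalise
# data or change the domain.
SCOPE_RISK = {
    "profile.read": 1,
    "calendar.read": 1,
    "files.read": 3,
    "files.write": 5,    # create and modify files
    "files.delete": 6,
    "domain.admin": 10,  # modify domain settings
}
UNKNOWN_SCOPE_RISK = 4   # an uncatalogued scope is not assumed benign

# The same grant is worth more to an attacker when a privileged user made it,
# so the scope score is scaled by the granting user's privilege level.
PRIVILEGE_MULTIPLIER = {"user": 1.0, "manager": 1.5, "admin": 2.0}
PRIVILEGE_RANK = {"user": 0, "manager": 1, "admin": 2}

ALERT_THRESHOLD = 8     # notify the user and the security team
REVOKE_THRESHOLD = 20   # revoke the grant outright
SEVERITY = {"allow": 0, "alert": 1, "revoke": 2}


@dataclass(frozen=True)
class Grant:
    app: str
    platform: str
    user: str
    privilege: str   # "user", "manager" or "admin"
    scopes: tuple


def grant_risk(grant):
    """Numeric risk of one grant: sum of scope weights scaled by privilege."""
    base = sum(SCOPE_RISK.get(s, UNKNOWN_SCOPE_RISK) for s in grant.scopes)
    # Unknown privilege levels are treated as admin (worst case).
    return base * PRIVILEGE_MULTIPLIER.get(grant.privilege, 2.0)


def decide(grant, allowlist=(), blocklist=()):
    """Action for one grant: explicit lists win, then the risk thresholds."""
    if grant.app in blocklist:
        return "revoke"
    if grant.app in allowlist:
        return "allow"
    risk = grant_risk(grant)
    if risk >= REVOKE_THRESHOLD:
        return "revoke"
    if risk >= ALERT_THRESHOLD:
        return "alert"
    return "allow"


def inventory(grants):
    """Per-app visibility: platforms, union of scopes, users and top privilege."""
    apps = defaultdict(lambda: {"platforms": set(), "scopes": set(),
                                "users": set(), "max_privilege": "user"})
    for g in grants:
        entry = apps[g.app]
        entry["platforms"].add(g.platform)
        entry["scopes"].update(g.scopes)
        entry["users"].add(g.user)
        if PRIVILEGE_RANK.get(g.privilege, 2) > PRIVILEGE_RANK.get(entry["max_privilege"], 2):
            entry["max_privilege"] = g.privilege
    return dict(apps)


def triage(grants, allowlist=(), blocklist=()):
    """App-level action: the most severe action across that app's grants."""
    actions = {}
    for g in grants:
        action = decide(g, allowlist, blocklist)
        if SEVERITY[action] >= SEVERITY[actions.get(g.app, "allow")]:
            actions[g.app] = action
    return actions


def notifications(grants, allowlist=(), blocklist=()):
    """(user, app, action) for every grant that needs the user's attention."""
    out = []
    for g in grants:
        action = decide(g, allowlist, blocklist)
        if action != "allow":
            out.append((g.user, g.app, action))
    return out


# Constructed sample grants, as a platform's grant listing might return them.
SAMPLE_GRANTS = (
    Grant("DocConverter", "Google Workspace", "alice", "user", ("files.read", "files.write")),
    Grant("DocConverter", "Google Workspace", "erin", "manager", ("files.read", "files.write")),
    Grant("CalSync", "Google Workspace", "bob", "user", ("calendar.read", "profile.read")),
    Grant("AdminHelper", "Microsoft 365", "carol", "admin", ("files.read", "files.delete", "domain.admin")),
    Grant("OldBackupTool", "Google Workspace", "dave", "manager", ("files.read",)),
)
ALLOWLIST = {"CalSync"}
BLOCKLIST = {"OldBackupTool"}

if __name__ == "__main__":
    for app, info in inventory(SAMPLE_GRANTS).items():
        print(app, sorted(info["platforms"]), sorted(info["scopes"]),
              sorted(info["users"]), info["max_privilege"])
    print(triage(SAMPLE_GRANTS, ALLOWLIST, BLOCKLIST))
    for user, app, action in notifications(SAMPLE_GRANTS, ALLOWLIST, BLOCKLIST):
        print(f"email {user}: {app} -> {action}")
```

The design choice worth noting is that the explicit whitelist and blacklist override the score, while the score alone is what escalates an unlisted app from "allow" to "alert" to "revoke"; an app is judged by its most severe grant, so one admin user enabling a broad-scope app is enough to flag it for the whole domain.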
Data Protection in the Cloud
Striking the right balance between security and user enablement in cloud platforms can be a challenge. Armed with the right information and capabilities, an increasing number of organizations are taking advantage of all the cloud has to offer, while maintaining organizational security.
Ready for more?
In our CISO’s Guide to Cloud Security eBook, you will:
- Learn the characteristics and priorities of today’s forward-thinking security leaders
- Obtain actionable guidelines to initialize and execute an effective cloud security program
- Be empowered to bring it all to life with a formula to measure the impact of security efforts in every organization