What Is Shadow IT?
“Shadow IT” is the bane of many IT departments. The term refers to those non-IT department information systems that user groups in large enterprises sometimes deploy due to a perceived lack of urgency, responsiveness and/or support from the central IT organization. For IT department leaders, shadow IT is a resource over which they have no control or influence, leading to greater fragmentation, inefficiency, waste, expense and unmanageability in the enterprise IT environment.
For cyber security leaders, shadow IT is something more concerning: a major, untrackable source of risk beyond the reach of traditional Insider Threat and Data Loss Prevention (DLP) solutions. By not conforming to IT and cloud security best practices, shadow IT systems and the devices connected to them are vulnerable to becoming easily breached access points for bad actors.
The shadow IT issue has only grown over time as the barriers to application deployment have fallen. Today, a department eager to adopt, say, a new marketing automation solution can do so with minimal investment and configuration work and zero IT department involvement. They could then feed valuable corporate data into the solution without proper safeguards. Thus, a shadow IT system can operate for months beyond the scrutiny of traditional Insider Threat and endpoint DLP solutions. The larger the organization, the more shadow IT proliferates and the harder it is for security teams to root out these rogue solutions and bring them in line with corporate cybersecurity standards.
So how can enterprise security teams ensure that their hard work is not undone by shadow IT systems they didn’t even know existed? For one company, the answer was DTEX.
VicTrack is a diversified company that owns the majority of railway-related infrastructure in Australia’s second-largest state, Victoria. With close to 400 employees and an extensive network of public transport resources to protect, VicTrack deployed DTEX Workforce Cyber Intelligence & Security Platform to up its game against insider threats and endpoint data loss. But after working with it for a while, the VicTrack team realized that DTEX had another vital use – it can spot shadow IT quickly and enable security teams to take the steps necessary to safeguard those non-IT systems from internal and external malicious attacks.
The key is the vast amount of information that DTEX collects and analyzes. Immediately upon being deployed, DTEX begins tracking how, when, why, where and for how long employees and third parties interact with data, machines, applications and their peers across the enterprise network. It is able to identify all devices, applications and users – quickly bringing shadow IT out from the shadows and into the light.
VicTrack’s Chief Information Officer, Bruce Moore, sees DTEX as essential, not only to protecting VicTrack’s data, resources and reputation, but also to keeping IT costs under control.
“In this world, the cost of IT is one of the critical features for every organization,” said Moore. “And one of the things that always works against us is shadow IT. With DTEX, we’re able to understand exactly what is going on and how our IT infrastructure is being used. And these scenarios where shadow IT or unnecessary applications are running, we’re able to identify and take remedial action to shut them down.”
The result is greater IT control, better enforcement of corporate cybersecurity protocols, reduced risk, and the confidence of knowing there are no undiscovered holes in their security perimeter to provide an exit for insider threats or endpoint data loss. VicTrack provides an excellent example on how DTEX combats shadow IT, and more.