Everyone has more work these days. And everyone wants to get it done as easily and efficiently as possible. Unfortunately, the shortcuts users take—like setting up shadow IT and reusing corporate credentials—can put data at risk. If your unfamiliar with the term “shadow IT,” it describes unsupported IT systems, solutions, hardware, and software that is not approved by an organization or their IT department.
Employees increasingly need to share data with customers and suppliers. Cloud service providers offer several solutions to these problems, from basic file-sharing services to collaboration platforms—and users are quick to take advantage of them. According to one survey, more than 80% of employees use non-approved Software-as-a-Service (SaaS) applications to do their jobs. Because of this shadow IT, corporate data is being stored all across the Internet.
To make matters worse, many employees use the same credentials for both their work accounts and various cloud-based services. These user credentials have become a prime target for hackers. The reason is simple: Legitimate credentials with @yourcompanyname allow hackers to access corporate data, often without being detected. When hackers steal these credentials from a third-party site, they automatically have access to the corporate network.
The good news is, you can easily reduce the risk of compromised credentials and prevent shadow IT. Begin by utilizing single sign-on (SSO) to better protect users’ digital identities and reduce the number of passwords users need to remember. Then provide users with sanctioned and protected methods of sharing, and block access to other third-party sites. These measures will ensure that users can easily access the resources and services they need to get their work done.
However, companies also need visibility and controls to further reduce the risk of data loss. Most companies can’t see unusual behavior, like when a user logs in from a risky IP address or when credentials are being used to log in from disparate geographic locations. A tool like Microsoft’s CloudApp Security can help. CloudApp Security allows you to build firm policies around data sharing, and provides reporting and auditing capabilities to determine how users’ credentials are being used. CloudApp works with a variety of products and extends well beyond Microsoft. (If you would like to dive deeper into Cloud App Security make sure to check out our webinar on “How to Stay Secure & Productive with Microsoft’s Enterprise Mobility + Security Suite” that goes deeper and demos Cloud App Security and other Office 365 security products.)
To learn more on how you stop shadow IT in your organization, while controlling and protecting your data with Microsoft security solutions, contact Interlink today.