After a surge in Omicron cases across the UK at the start of the year, current government advice is that businesses embrace a hybrid working model.
While this may excite many employees and managers alike, it does pose some concerns for IT departments. One of the biggest threats to businesses in a home working or hybrid environment is shadow IT. This is where employees use their own un-provisioned hardware or software for work purposes, often without their employer knowing.
If left unchecked, shadow IT can increase the risk of a data breach. Indeed, 46 percent of executives say shadow IT makes it impossible to protect their business all the time.
So, to help you anticipate the dangers going forward, we’ve listed three shadow IT threats to look out for in a hybrid and remote working world.
1. Personal accounts and services
Over a third of employees admit they use their private email and file-sharing cloud services for work purposes.
It may seem harmless from the employee’s perspective, but these personal accounts often don’t have the same level of security or encryption. One accidental email or file share to an old school friend - or a hack attempt from a cybercriminal - and the data protection dam could burst.
To ease this problem, organisations must emphasise the importance of separating work and personal accounts. We recommend seeking cybersecurity training and strategy planning support.
2. Unprovisioned software downloads
Cloud applications make remote life much easier. Without software-as-a-service (SaaS), many of us wouldn’t have the productivity or communication tools necessary to handle home working.
However, it can be all too easy for remote employees to buy their own software without your IT department knowing. They just need a credit card.
While you can never fully stop employees from procuring shadow IT, it’s important to assess your current cybersecurity posture and govern the shadow IT issue. Without established rules and expectations, you may increase the likelihood of non-compliance.
3. Shared family devices
In a typical household, it’s normal to pass around a laptop. After all, your partner may need to check their online banking, or your child may have homework to complete.
But, without separated accounts and strong passwords, the lines can blur.
The last thing you need is a family member accessing sensitive company data - even if they don’t do anything malicious with it. To ensure your employees can comfortably manage work and home life, you’ll need to implement a bring-your-own-device (BYOD) policy. You could also increase security with a segmented virtual workspace.
Bringing shadow IT into the light
Sixty percent of organisations don’t include shadow IT in their risk/threat assessments. But it’s high time they did.
As your organisation continues to implement hybrid working practices, shadow IT will inevitably rise. And you may find yourself subject to more instances of data breaches and non-compliance.
The three risks we’ve listed only scratch the surface, however. If you’d like more information on the top security issues to look out for (and how to fix them), watch our 'Top security issues' webinar. You’ll get to hear from our in-house experts and ask any niggling questions. We look forward to seeing you there!
Share
