There are several ways a company may be susceptible to hacking, and one of them is shadow IT. A recent report said that a part of the cybersecurity incidents that hit Indian businesses was due to the use of shadow IT by their employees. Here’s all you need to know about it.
What is Shadow IT?
Shadow IT is the part of the company’s IT infrastructure that is outside the purview of the IT and Information Security departments, that is, applications, devices, and public cloud services, among others, that are not being used in accordance with a company’s information security policies.
Shadow IT is not limited to tech companies
Deploying and operating shadow IT can lead to serious negative outcomes for businesses in almost all sectors. According to research by Kaspersky, in India, 89% of companies suffered cyber incidents in the last two years, and 20% of these were caused by the use of shadow IT.
The IT industry was the hardest hit, suffering 16% of cyber incidents due to the unauthorised use of shadow IT in 2022 and 2023. It was followed by infrastructure, and transport & logistics organisations, which saw 13% of cyber incidents due to unauthorised use of shadow IT.
Meanwhile, 11% of companies worldwide have suffered cyber incidents due to the use of shadow IT by employees in the last two years.
Examples of Shadow IT
Earlier this year, hackers compromised Okta’s customer support system and stole data from all of the cybersecurity firm’s customer support users. An employee using a personal Google account on a company-owned device unintentionally allowed threat actors to gain unauthorised access to Okta’s customer support system.
How to safeguard against Shadow IT-led hacking
The best way to plug Shadow IT-led hacking is to only use apps installed on employee devices and refrain from using unsolicited flash drives, mobile phones and laptops.
Abandoned hardware left over after the modernisation or reorganisation of the IT infrastructure can also be used ‘in the shadows’ by other employees, potentially exposing the company to hackers.
A regular check on the inventory of IT assets, such as abandoned devices and hardware, can also help in eliminating the risks of hacking. Furthermore, making users aware of practices that pose cyber risks can also help in plugging loopholes.