Current Filter: >>>>>>

   

Last year was notable for many reasons, not least of which was that it set new records for software vulnerabilities, with more than 7,000 added to the US National Vulnerability Database (NVD). Of those recorded, it is estimated that 83 per cent were found in third-party applications - and of course there's no sign that this trend will slow any time soon.

Armed only with a credit card and a browser, anyone can purchase low-cost subscription licenses and have a new SaaS application up and running in no time at all. Importing corporate data and integrating with other enterprise applications can also be achieved without the involvement or even the awareness of the IT professionals charged with such responsibility.

It's not in an employer's interest to inhibit employee creativity, enthusiasm or productivity, and they most certainly should not force employees to choose between doing their jobs and protecting company assets. Given this, how can enterprise IT teams fulfil their clear obligations and provide a secure network in this new environment: Shadow IT?

REPORTING AND NETWORK VISIBILITY
One major problem with Shadow IT is that it can be incredibly hard to establish visibility around the unsanctioned tools and cloud services employees use on a regular basis. Without this it's difficult to track data exfiltration from your own network or to know when employees may need to reset a password because of a compromise affecting a third-party service.

Good network visibility means that IT admins or security professionals auditing for internal threats can easily determine if someone is using an unsanctioned file sharing service, or if the smart TV in the conference room is making calls to Korea when it's when not in use.

Considering the risks that come with IoT and how pervasive they are becoming in the enterprise, being able to link network activity from IoT devices - and cloud services in general for that matter - to an employee identity is highly valuable for IT and security professionals with limited time. A reporting tool, based in the cloud could help by delivering the following key functions.

OFF-NETWORK REPORTING
Many existing cloud service reporting tools work through proxies and get data from perimeter appliances like firewalls and IDS. Working with appliances and connecting data to a cloud report can be complex, but it also means that they will not be able to catch activity once a device leaves the company's network perimeter.

IT'S NOT ALL FUD
A report's most useful applications are not only blocking or preventing certain traffic or employee behaviour. It can also be used as a powerful tool when justifying an IT budget, gauging the use of deployed apps or building a case to sanction a cloud solution employees already use. IT leaders who make use of reports will be able to draw conclusions based on actual usage. They can show which applications and services that the team already use and if there is a preference for using WebEx or Google Hangouts, for example.

USEFUL EVEN WHEN NOT PROACTIVE
Security professionals, much as they would like to, don't have a crystal ball. Unfortunately this means working frantically after a breach has occurred. And if it's a third-party that had a breach, it can be even harder determining whose login credentials or data may have been compromised. This is unacceptable.

The first step is determining who uses that third-party service. If a cloud-reporting tool is already in place, system administrators can find out who uses this service and advise them to change passwords. If the tool also records activity in near real time then reaction times to breaches or announcements can drop significantly, including those relating to third-party applications and software. NC