The opinion of shadow IT, or the installation of unauthorised apps in an organisation is divided. Some believe that it answers the need for agile solutions, while others think in increases security risks. SIMEON TASSEV, MD and QSA at Galix Networking sets the record straight.
There are mixed opinions about implementing unauthorised, IT applications (apps) within the organisation, a practice known as Shadow IT. Opinion on Shadow IT is divided into two camps. Some believe that due to the fast pace of business, demands are exceeding IT capability, Shadow IT answers the need for fast, agile solutions and encourages innovative thinking. However, others suppose that Shadow IT causes a breakdown in traditional yet necessary processes, opening up the scope for risk.
While the market has driven the need for Shadow IT to play a role, the risks cannot be overstated. There has been a significant rise in cyber-crime activity over the last few months, with malware such as the WannaCry Ransomware, and the more recent Petya and NotPetya attacks, making news headlines due to the damage caused on a global scale.
Shadow IT, Ransomware and the missing link
Many businesses lost crippling sums of money and critical data due to these attacks, with some being forced to shut down for an extended period. In an environment where malware can be introduced on any devices, businesses cannot afford not to be fully cognisant of everything that touches their network. So, does this mean Shadow IT is the cause by being the key that unlocks the door to virulent network attacks?
Today’s average user is far more technologically savvy than ever before. The range of apps available across a range of devices means that it is fairly simple for an employee to discover one which they believe addresses a business requirement better than what their current IT department provides. Often, employees are able to better understand what they need from a technology to improve productivity. In fact, Shadow IT may help users to more effectively do their jobs and, if formally introduced, could help businesses to innovate quicker.
However, in many cases where users implement applications or systems without permission, or notifying their IT department, these apps and systems cannot be effectively monitored or controlled. Data moving across these systems is therefore equally unmonitored. The business has no control over where their data is, who has access to it, and what the safety measures are around it. Ultimately, this can be very dangerous.
What can be done?
IT departments should ensure that they conduct regular audits for unauthorised applications and systems to ensure that the business remains secure. Once completed, any discovered (and unapproved) apps need to be discarded or integrated into the existing IT ecosystem, based on their benefits. The IT department should also educate users on the risks of Shadow IT. Making them aware of their potential to unwittingly introduce malware such as ransomware or other cyber-threats.
Hooked on Shadow IT?
Users often become dependent on the apps and systems that are introduce independently. When the IT department becomes aware of their use, it may be too late to stop use of the app without negatively impacting productivity and functionality. In fact, employees usually search for these kinds of tools in order to boost their productivity in specific areas where the individual may slack. In addition, the tool or app used may not necessarily work for the business or other co-workers and cannot be implemented on a whim.
When the IT department, or the business, is unaware of systems and apps being used for business purposes, they are unable to apply the necessary threat prevention and other security measures that will ensure the safety of not only the business, but also the user. Thus, the user assumes responsibility for any security breach that may occur through their use of an unauthorised app.
A positive spin
Conversely, Shadow IT can only be helpful for the business, however, only if it is carried out in collaboration with the IT department. Users can be empowered to identify and recommend apps and systems which may ease common business pains, which also alleviates the pressure on IT departments while fast tracking innovation. Simultaneously, IT departments retain a say in what will or won’t work with existing infrastructure and security systems.
In conclusion, although Shadow IT can definitely open up the scope for risk within the business, the IT department within the organisation can collectively work with employees to mitigate security risks. The result is a solution that answers the needs of the user and the business, while still falling within the control of the IT department, and under their security umbrella. There are, therefore, no unidentified or insecure points for malware to enter the business’s systems and the responsibility for the protection of company data still resides with the IT department. Finally, IT should become involved in the assessment of these ‘Shadow IT’ apps and systems, and perhaps it should be touted as ‘Collaborative IT’.
Win a Poster Heater with Gadget and Takealot.com
This winter Gadget and Takealot.com are giving away three Poster Heaters, which look like posters but become heaters when you plug them in.
Three Gadget readers will each win a unit, valued at R550 each. To enter, follow @GadgetZA and @Takealot on Twitter and tell us on the @GadgetZA account how many Watts the heater consumes.
What’s the big deal about these heaters? Many of us are struggling to keep the balance between soaring electricity costs and the need to keep warm this winter.
However, the recently launched Poster Heater by EasyHeat and distributed in South Africa by Takealot.com is not only one of the most cost effective electric heaters currently on the market, it is also easy to setup and use.
As the name indicates, it is a poster similar to one you would hang on a wall. But, plug it in and it turns into a 300 Watt heater. The Poster Heater isn’t designed to heat hallways or large rooms, but rather smaller ones like a bedroom or a baby’s nursery or a dressing room.
It uses radiant heating, which means that it heats up in a couple of minutes and the heat is directed at the objects or people around it, quickly taking the chill out of the air and providing a comfortable ambient temperature.
The other advantage of radiant heating is that it doesn’t dry out the air like infrared or gas heaters. Users also don’t have to worry about their children or pets getting too close to it because, even though it gets hot, it can be touched.
To enter the competition follow the steps below:
Competition entry details:
3. The competition closes on 31 July 2018.
4. Winners will be notified via Twitter on 1 August and Takealot.com will be in touch to organise delivery.
5. The competition is only open to South African residents.
Deezer to host Hotstix’s Mandela tribute playlist
Deezer is celebrating Nelson Mandela on the centenary of his birthday by hosting a tribute playlist created by music legend Sipho “Hotstix” Mabuse.
Mabuse, a legendary figure in African music, first rose to prominence in the 1970s with his band Harari and later developed a name for himself as a solo artist. One of his best known songs was the global hit BurnOut in the 1980s.
The playlist takes the listener on a captivating musical journey through the life of Nelson Mandela. It was compiled by Mabuse, who consulted with Mandela’s family and friends to ensure that the music would be relevant and accurate. The playlist also features commentary by Mabuse, which was recorded in his Soweto home.
“I have tried to tell the story of the music that Madiba loved,” says Mabuse. “The Playlist excludes the time in prison obviously, as Madiba would not have had exposure to music in that time. We have focused on the music we know he loved before and after that period. This recording was really an emotional journey for me, but an incredible opportunity to document these memories.”
The playlist features the music the young Mandela loved, such as The Manhattan Brothers, Solomon Linda, Brenda Fassie and Miriam Makeba. It includes struggle songs from Chicco, Johnny Clegg, Hugh Masekela and Yvonne Chaka Chaka. The playlist also includes Mandela by Zahara, one of the younger artists who caught Madiba’s ear.
Mabuse also offers stories of his own songs, such as Shikisha, a song greatly beloved by the former President.
“I was delighted to share my thoughts and hope the listeners enjoyed the musical journey,” says Mabuse. “Madiba did enjoy music immensely and we all have a purpose wherever we are in the world to celebrate culture and to learn from different cultures and music forms and styles.”
This playlist was inspired by the Nelson Mandela 100 campaign, calling on corporates and individuals to act as sources of inspiration and engage in conversation and action.