What is ‘Shadow IT’?
Shadow IT refers to the various web tools informally in use within most organisations. These tools are often chosen without reference to IT or to management in general.
They are often used for all the very best reasons. Your colleagues have work to do, and these tools help them, so they get used. You might know about some because there is a subscription charge, but others might be free.
These tools can be anything from simply keeping lists of tasks to do, sharing information or managing workflows, providing newsletter lists, or recruiting staff. Its endless.
There’s all sorts of web pages out there that your people will be finding useful and will be using.
The question is, do you know what is being used on your behalf?
Even more importantly, do you know who’s got access to them? As your staff come and go, do you know to change passwords or reset user accounts to make sure that no one who has left you (maybe even gone to a competitor) is still able to access your confidential data?
Shadow IT is one of the largest threats to data privacy in organisations today. It’s not necessarily because these sites are going to be hacked, although it’s always possible, but it’s because if you don’t know the tools are in use, then there is no way that you can manage them!
The first step to maintaining this data is to identify them, and that’s why you need new tools that are cloud focused.
If you’re still using the same old security tools that you used prior to the cloud, then you are simply not keeping up and we need to talk!
Here’s a story about what happens if you don’t have this under control: Why you need to know all the cloud services that your organisation uses – IT Solutions and Managed Services (kinetics.co.nz)
Shadow IT is part of our 10-point cyber-security check list
While there is no single layer of technology that can guarantee you will be safe from hackers, you can reduce your risk by adding layers of protection. How many of our 10-point check list are in place for you?
Protect Yourself from AI Phone Scams: A Terrifying New Trend
The rise of AI phone scams has brought personal targeting to a whole new level. Scammers are using AI-created fake texts (smishing) or even AI -created cloned voices of social media users. It has already found its way to New Zealand shores - New AI combats text...
KARE – Will your support plan need to change?
2008 was a long time ago. New Zealand was a different place. The IT maintenance needs of business were so much simpler! Locally, there was a change of government. Internationally, we were watching the start of the GFC with the fall of Lehman Bros bank. In the...
Putting a light on the dark web with upgraded monitoring
What's the Dark Web? The Dark Web, is often associated with a veil of notoriety, is a part of the internet intentionally hidden from traditional search engines. It requires specific software, such as Tor, to access, offering an anonymous platform where privacy is...
When does using CC in an email become a privacy breach?
Sometimes you need to use the BCC (Blind carbon copy) function in email! Last month, the email addresses of 147 gun owners were shared in an email. Whoever was sending the email put everyone in the 'cc' line. That meant their email addresses could be read by anyone...
Don’t accidentally throw away your WiFi!
Canon just sent out a warning. Wipe your old printers before selling/discarding them! It seems that printer technicians can access the memory and go into settings to uncover old Wifi passwords. Their advisory seems to suggest wiping the settings a couple of times...
Avoiding Subscription Bombs
If 10,000 emails suddenly flooded your inbox, what would you do? Suddenly any real messages will be lost in the blitz of spam that's overloading your screen. It is hard enough to delete all those messages, let alone filter out the genuine ones from the flood. This...
Gotcha!
"GROUP-IB" are a Singapore-based cyber-security provider. They go deep into the cyber-crime sphere and it's paid off. After 30+ attacks, and over $US30M stolen, "OPERA1ER" have been caught! They describe a bad actor who, from 2019, had used the same MO over and...
Look before you click
The latest trend in phishing is pictures! It might be a thumb nail of a picture - a cute pet, interesting garden scene, or some other curiosity. It might be in the form of advertisement. Maybe it is offering a time sensitive, and urgent deal. It might even be a...
REWATCH Cyber Lessons from the field.
What can we learn from recent NZ cyber-events? What is real and what is hyperbole? Scroll down for the MFA revelation - it will surprise you!Introducing Campbell McKenzie from Incident Response, the team called in after cyber-events to help clean up and manage the...
REWATCH Did you know that, on average, 1.2 million Microsoft accounts get compromised every month?
Did you know that, on average, 1.2 million Microsoft accounts get compromised every month? According to Microsoft, 99.9% of hacked accounts didn't use MFA, and only 11% of all accounts have MFA enabled. The average cost of a ransomware security breach is $4.62...