What is ‘Shadow IT’?
Shadow IT refers to the various web tools informally in use within most organisations. These tools are often chosen without reference to IT or to management in general.
They are often used for all the very best reasons. Your colleagues have work to do, and these tools help them, so they get used. You might know about some because there is a subscription charge, but others might be free.
These tools can be anything from simply keeping lists of tasks to do, sharing information or managing workflows, providing newsletter lists, or recruiting staff. Its endless.
There’s all sorts of web pages out there that your people will be finding useful and will be using.
The question is, do you know what is being used on your behalf?
Even more importantly, do you know who’s got access to them? As your staff come and go, do you know to change passwords or reset user accounts to make sure that no one who has left you (maybe even gone to a competitor) is still able to access your confidential data?
Shadow IT is one of the largest threats to data privacy in organisations today. It’s not necessarily because these sites are going to be hacked, although it’s always possible, but it’s because if you don’t know the tools are in use, then there is no way that you can manage them!
The first step to maintaining this data is to identify them, and that’s why you need new tools that are cloud focused.
If you’re still using the same old security tools that you used prior to the cloud, then you are simply not keeping up and we need to talk!
Here’s a story about what happens if you don’t have this under control: Why you need to know all the cloud services that your organisation uses – IT Solutions and Managed Services (kinetics.co.nz)
Shadow IT is part of our 10-point cyber-security check list
While there is no single layer of technology that can guarantee you will be safe from hackers, you can reduce your risk by adding layers of protection. How many of our 10-point check list are in place for you?
Webinar: Updating what is ‘reasonable’ to protect your organisation from cyber-crime.
Cyber-security gets harder, so we make it easier. Much as the heading may sound 'double-dutch', it isn't. Simply, the levels of protection that are 'reasonable' to protect your organisation have changed. We need to do more, and at Kinetics we know that...
What’s a passkey? What do they mean for my password?
Every time you sign up for something new, it seems you have to think up a new password. Sometimes you can use your Google or Facebook credentials but more often than not, you have to use your email address and come up with a new password. The lazy amongst us reuse...
Cyber-attacks on emails get faster and faster
A lot can happen between your morning coffee and your lunch. That’s all it takes to go from ‘normal’ to ‘disaster’ when the hackers strike. Microsoft researchers recently worked backwards through a ‘BEC’ attack (business email compromise – IT people love to convert...
When KARE isn’t enough
The world has changed... Since we designed our original ‘base’ KARE plans, the world has gone more mobile, more in the cloud and ‘work-from-anywhere’ is ubiquitous. And the cyber-threat environment has become much more adverse. Our KARE plans need to reflect 2023! In...
How cybersafe are you at home?
The NSA have released a ‘Cybersecurity Information Sheet’ for home networks. We know that home networks can range from simple to complex. You might have smart TVs, smart home lighting, Google Home, Alexa, alarms, cameras – the list goes on. These devices can be less...
Warning : Business Email Compromises skyrocket
The stats are in, and they are alarming! Business Email Compromise (BEC) attacks are up 81% in 2022! Small Medium Businesses often say to us that they don’t need to worry about cyber because they're not worth it for an attacker. Unfortunately, that’s incorrect. There...
Is automated Microsoft patching enough?
Microsoft have been releasing patches for 30 years. It’s easy to become blasé about them. Yes, Microsoft can automatically apply updates to Windows and Office. But that does not mean that you can rely on it. Any system is only as good as how well it is monitored....
Beware of “Pig-Butchering” – a new trend in Social Engineering
Where do these names come from? The latest trend is referred to as Pig-Butchering. The name comes from the Chinese underworld (shāzhūpán). The term refers to fattening up a pig, taking a longer-term view. They develop their target slowly, looking to get maximum...
What does the LastPass breach mean for you?
There have recently been a couple of well-publicised breaches of LastPass. Most people will be familiar with LastPass but in case you are not, it’s a well-known and popular password vault/manager.Does this mean you shouldn’t use a password vault? Absolutely not. YOU...
Are you making the most of your password manager?
Passwords are the basic protection for our various online accounts. It amazes me how basic some people’s passwords are. Passwords like, well ‘password’ or ‘123456’ are still commonly in use! In case that sounds unbelievable, here’s a list of the top 200 for...