What is ‘Shadow IT’?
Shadow IT refers to the various web tools informally in use within most organisations. These tools are often chosen without reference to IT or to management in general.
They are often used for all the very best reasons. Your colleagues have work to do, and these tools help them, so they get used. You might know about some because there is a subscription charge, but others might be free.
These tools can be anything from simply keeping lists of tasks to do, sharing information or managing workflows, providing newsletter lists, or recruiting staff. Its endless.
There’s all sorts of web pages out there that your people will be finding useful and will be using.
The question is, do you know what is being used on your behalf?
Even more importantly, do you know who’s got access to them? As your staff come and go, do you know to change passwords or reset user accounts to make sure that no one who has left you (maybe even gone to a competitor) is still able to access your confidential data?
Shadow IT is one of the largest threats to data privacy in organisations today. It’s not necessarily because these sites are going to be hacked, although it’s always possible, but it’s because if you don’t know the tools are in use, then there is no way that you can manage them!
The first step to maintaining this data is to identify them, and that’s why you need new tools that are cloud focused.
If you’re still using the same old security tools that you used prior to the cloud, then you are simply not keeping up and we need to talk!
Here’s a story about what happens if you don’t have this under control: Why you need to know all the cloud services that your organisation uses – IT Solutions and Managed Services (kinetics.co.nz)
Shadow IT is part of our 10-point cyber-security check list
While there is no single layer of technology that can guarantee you will be safe from hackers, you can reduce your risk by adding layers of protection. How many of our 10-point check list are in place for you?
Beware – When Anti-Money Laundering (AML) CREATES a risk
That’s right. AML is not only frustrating to many of us, but it has also created cyber-risks. The irony isn’t lost on us. We’re honoured to support a large number of NZ law firms as clients, and it is a responsibility we take very seriously. Law firms handle such a...
Is MFA driving you mad?
Getting tired of having to open your phone for access? If so, you are not alone! But, its necessary. Hackers are counting on you suffering from an excess of having to reach for your phone to approve access, with something called “MFA Fatigue Attacks”.MFA Fatigue...
When QR codes go bad
Thanks to Covid, we’re all familiar with QR codes. Of course, with Covid, we were using the official tracer app to scan them, but in normal use, you can just use your phone’s camera to open the link. It’s a great way to make it easy to visit a website without having...
Is nothing safe? Fake logins!
Every day, there is a new cyber-threat to watch out for, and to warn friends and colleagues about. I’m frequently stunned when talking to friends and colleagues that these threats are abstract and academic. For the sake of absolute clarity, these cyber risks...
Hot off the press – we have just received CERT NZ’s report for the last quarter of 2021
So, just a quick reminder of who CERT NZ are – it’s the official NZ Government Cyber-Security agency. So, first up – 13% increase in reported incidents on the previous year and a big spike into the last quarter. 9% more phishing attacks. 24% more malware, based on the...
When hacking can help.
Ukraine is pretty well known for tech innovation. In fact it was worth $US6.8 Billion last year Ukraine’s Booming Tech Outsourcing Sector at Risk After Russian Invasion - WSJ. On top of that ‘legitimate’ work, Ukraine has also been home to some of the...
Sigh! How dumb and immoral can hackers get?
You can only sigh! We are witness astounding bravery and inspirational leadership in the Ukraine. We are watching the unfortunate abandoning everything they have built up to become refugees as they flea the dangers. The world is heartbroken. But amongst us there are...
Latest trend – hacking Teams
Over a quarter of a billion people use Teams every month. Under the current lockdown/isolate/work-from-home regimes, it is a vital tool for most of us. Many organisations including us even use it for our phones because it is so flexible and excellent value. You can...
2021 Trend Reports confirms cyber-security advice
How many people DON’T report ransomware attacks? It’s too early to see the Q42021 results from CertNZ but their Q3 report tells there were 2,072 incidents that they responded to in Q3 and fraud/scam’s were up 25%. Their report confirms that the very risks we have been...
Hackers Caught! Millions Seized
Crime doesn’t always pay. The FSB reports (if you can read Russian) that they have taken down the “Revil” band of hackers. These are the people that have caused absolute havoc, from disrupting the US oil pipelines, to the Kaseya attack that took out businesses all...