Shadow IT: mastering the unknown

By rotide
Created 23/03/2020 - 15:30
By Martin Hodgson, Head of UK & Ireland - Paessler AG

In the popular Netflix series Stranger Things, the town of Hawkins, Indiana is repeatedly terrorised by unknown and deadly monsters from "the upside down" - a shadow world that exists in parallel to our own. Believe it or not, enterprise networks can be exposed to similar threats, as parallel networks created by the use of unknown infrastructure can unleash a range of ghouls on IT teams and users alike.

For IT managers, merely the thought of unknown or even partly unknown IT infrastructures on a network can be enough to send a shiver down the spine. In shadow IT networks, complex infrastructures can develop from everyday practice, without the approval or knowledge of the IT department. These infrastructures can range from manageable hardware environments to complete technology solutions that are in daily use throughout the company - using the data of the official company systems whilst being inaccessible to the IT department.

Independent shadow infrastructures often arise as a result of poor management or planning. If a department is not offered adequate solutions for the work they are tasked to do, or heads of department aren't educated in the need to work from a centralised enterprise network, the situation may arise where solutions are created from the ground up without proper consultation with the IT department. Much like the creatures in Stranger Things, shadow IT networks can unleash a plethora of risks for networks and unwitting IT departments.

  1. Vulnerabilities are laid bare

This is perhaps the first major risk which comes to mind when we think of unknown infrastructure on the network. Infrastructure that has been set up without the knowledge of the IT department often lacks the required level of security to ensure protection from cyber-attack. In some instances, hardware may be lacking up-to-date firmware and may even be without a firewall or virus scanner. In a world where a network is only as strong as its least secured device, this may leave an entire enterprise network vulnerable to attack.

  2. Heightened risk of data loss

Shadow IT systems and applications run outside of the IT department's backup and restore plan. This can mean that mission-critical business functions may be taking place without a backup solution at all. In the event of an incident, such as a cyber-attack that leads to data loss, crucial company data may disappear entirely without any chance of recovery. In a worst-case scenario this can cause significant damage to company operations with potential for serious financial repercussions.

  3. Unauthorised access

Even if we ignore the issue of operating without sufficient back-up, a shadow IT network may give no overview of potential data access. This means that external service providers, contractors and even former employees may have access to sensitive data. With no permissions overview, there is no way of predicting who can access data and what could be done with it.

  4. Unfit for purpose

Shadow IT hardware and software is often installed without the requisite testing. Although these systems may directly benefit the individual activities of the installer (often a reason for the creation of shadow IT in the first place), the untested system may slow or even stop other business-critical systems on the network. Even in shadow IT networks that run smoothly, double maintenance and administration is required to ensure the system continues to run smoothly in parallel with the official enterprise network.

  5. Non-compliance

To state the obvious, the creation of shadow IT processes outside of established IT department protocol will likely violate a company's IT compliance rules. More seriously, however, the introduction of shadow IT systems for specialist departments may be a fundamental breach of external regulation such as data protection law. In these instances, breaches of external regulation can lead to large fines from regulators and even company collapse.

The good news is, it doesn't have to be this way. Thankfully, even widespread shadow IT issues can be controlled if the right strategies are put into place by the IT department and senior management. Locating shadow IT networks is the first step to removing and neutralising the threat. It is therefore imperative that IT teams make network visibility a number one priority in preventing unauthorised infrastructure from taking root in the organisation. Even the most hidden parallel infrastructure can be detected through regular data traffic readings on each router or switch. Much like the monsters in "the upside down", the threats cannot be destroyed by IT teams. However, they can be sealed off for good once shadow networks are disconnected.
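One way to turn router and switch traffic readings into a list of unknown infrastructure is to compare the hosts seen in flow data against the asset inventory. This is an added example, not code from the article or from Paessler; the flow records, the inventory and the 10.20.0.0/16 corporate range are constructed assumptions.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Constructed sample: flow summaries as a router or switch export might provide them.
FLOWS_CSV = """src_ip,dst_ip,dst_port,bytes
10.20.1.15,10.20.0.10,445,120000
10.20.1.16,10.20.0.10,445,98000
10.20.1.15,10.20.3.77,8080,450000
10.20.1.16,10.20.3.77,8080,610000
10.20.2.40,10.20.3.77,8080,220000
10.20.3.77,203.0.113.50,443,900000
10.20.1.99,10.20.0.10,445,4000
"""

# Constructed inventory of devices the IT department knows about.
INVENTORY = {"10.20.0.10", "10.20.1.15", "10.20.1.16", "10.20.2.40"}
INTERNAL_NET = ipaddress.ip_network("10.20.0.0/16")  # assumed corporate range


def find_unknown_hosts(flows_csv, inventory, internal_net=INTERNAL_NET):
    """Return internal hosts seen in traffic but absent from the inventory."""
    stats = defaultdict(lambda: {"bytes": 0, "clients": set(), "ports": set()})

    def internal(ip):
        return ipaddress.ip_address(ip) in internal_net

    def unknown(ip):
        return ip not in inventory and internal(ip)

    for row in csv.DictReader(io.StringIO(flows_csv)):
        src, dst = row["src_ip"], row["dst_ip"]
        size, port = int(row["bytes"]), int(row["dst_port"])
        for ip in {src, dst}:
            if unknown(ip):
                stats[ip]["bytes"] += size
        # An unknown host that internal clients connect to is acting as a server.
        if unknown(dst) and internal(src):
            stats[dst]["clients"].add(src)
            stats[dst]["ports"].add(port)

    report = [{"ip": ip, "bytes": s["bytes"], "clients": sorted(s["clients"]),
               "ports": sorted(s["ports"]), "serves_others": len(s["clients"]) >= 2}
              for ip, s in stats.items()]
    # Busiest unknown hosts first: these are the most embedded in daily work.
    return sorted(report, key=lambda r: r["bytes"], reverse=True)
```

Hosts flagged with `serves_others` are the ones to investigate first, since other users already depend on them and they may hold company data outside the backup and permissions regime.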

With the right tools and visibility, today's IT teams can be well equipped to combat the sinister threats of shadow IT.
