Written By Logan Gilbert And Presented By Charles Leaver
All of us relate to the image of the hooded villain hovering over his laptop late at night – accessing a business network, taking valuable data, vanishing without a trace. We personify the attacker as intelligent, persistent, and crafty. But the reality is the large majority of attacks are enabled by simple human carelessness or recklessness – making the task of the cyber criminal an easy one. He’s inspecting all the doors and windows constantly. All it takes is one mistake on your part and hegets in.
What do we do? Well, you already know the answer. We spend a good chunk of our IT budget plan on security defense-in-depth systems – developed to discover, trick, fool, or outright block the bad guys. Let’s park the discourse on whether or not we are winning that war. Because there is a far simpler war underway – the one where the aggressor enters your network, organization critical application, or IP/PPI data through a vector you didn’t even know you had – the unmanaged asset – often referred to as Shadow IT.
Believe this is not your company? A recent study recommends the typical enterprise has 841 cloud apps in use. Surprisingly, most IT executives think the variety of cloud apps in use by their organization is in the order of thirty to forty – indicating they are incorrect by an aspect of 20 times. The very same report highlights that more than 98% of cloud apps are not GDPR ready, and 95% of enterprise class cloud apps are not SOC 2 ready.
Shadow IT/ Unmanaged Assets Defined
Shadow IT is defined as any SaaS application used – by staff members, departments, or entire service groups – without the comprehension or authorization of the business’s IT department. In addition, the advent of ‘everything as a service’ has actually made it even easier for workers to access whatever software application they feel is needed to make them more efficient.
Well-intentioned workers typically do not understand they’re breaking business guidelines by activating a brand-new server instance, or downloading unapproved apps or software offerings. However, it takes place. When it does, three problems can develop:
1. Corporate standards within an organization are jeopardized given that unapproved software means each computer system has different abilities.
2. Rogue software applications typically includes security flaws, putting the entire network at risk and making it a lot more hard for IT to manage security threats.
3. Asset blind spots not just increase security and compliance dangers, they can increase legal risk. Information retention policies developed to restrict legal liability are being skirted with details contained on unauthorized cloud assets.
3 Vital Factors To Consider for Dealing With Unmanaged Asset Dangers
1. First, release tools that can offer comprehensive visibility into all cloud assets- managed and unmanaged. Know what brand-new virtual machines have been triggered recently, along with exactly what other devices and applications with which each VM instance is interacting.
2. Second, make certain your tooling can provide continuous inventory of authorized and unapproved virtual devices operating in the cloud. Ensure you can see all IP connections made to each asset.
3. Third, for compliance and/or forensic analysis purposes look for a service that provides a capture of any and all assets (physical and virtual) that have ever existed on the network – not just a service that is limited to active assets – and within a short look back window.
Unmanaged Asset Discovery with Ziften
Ziften makes it simple to quickly discover cloud assets that have been commissioned outside of IT’s purview. And we do it continuously and with deep historic recall at your fingertips – including when each device first linked to the network, when it last appeared, and how frequently it reconnects. And if a virtual device is decommissioned, no problem, we still have all its historical behavior data.
Recognize and secure covert attack vectors coming from shadow IT – prior to a disaster. Know exactly what’s happening in your cloud environment.