Cloud apps are pervasive. Over 90% of enterprises report public cloud use. By 2020, almost every business in the country will formally utilize cloud apps. The benefits are clear: higher productivity, better workflows, happier customers, the list goes on. Cloud apps are ideal for business efficiency and productivity, but security takes a hit. With all the business data uploaded to the cloud, IT pros have no way of tracking all the apps and files. This lack of visibility is known as Shadow IT, and as cloud adoption continues, the problem of Shadow IT grows.
The Problem of Shadow IT
The ease of creating, syncing and sharing files in cloud apps makes tracking hard for IT pros. All it takes is one sensitive file ending up on someone’s unencrypted phone, and someone can gain access to everything. Data breaches are now a regular occurrence. In 2015, the United States Office of Personnel Management inadvertently exposed the personal information of 22 million people. They admitted their fault fin their inability to control data. An incomplete inventory and a lack of awareness of where data was stored contributed to the breach.
Keeping files organized and maintaining visibility is a major obstacle to secure cloud usage that’s rapidly becoming a universal problem. The first step to mitigating the risks of Shadow IT is to bring the data out of the shadows with visibility.
The Solution to Shadow IT
While cloud app adoption is swift, security solutions for cloud apps, known as Cloud Access Security Brokers (CASBs), have trailed behind. Only 20% of enterprises currently use a CASB, but Gartner expects the figure to jump to 85% by 2020. A CASB ensures that an organization’s IT department has visibility into all cloud programs, apps, files, data, and users. This visibility lets IT pros feel confident that their team is using and sharing data on cloud apps securely and take action on unauthorized activity. Visibility means you can:
- Monitor activity in real time, detect sharing patterns and identify anomalies.
- Discover Shadow IT cloud services and gain visibility into user activity within sanctioned apps.
- Identify sensitive data in the cloud and enforce DLP policies to meet data residency and compliance requirements.
- Detect and respond to insider threats, privileged user threats, and compromised accounts
Having a CASB is important when it comes to reigning in Shadow IT. The first, and most important, step to mitigating the risks of Shadow IT is through visibility.