• Advertise
  • Contact Us
  • About Us
  • Supplier Directory
  • SCB YouTube
  • Login
  • Subscribe
  • Logout
  • My Profile
  • LOGISTICS
    • Air Cargo
    • All Logistics
    • Express/Small Shipments
    • Facility Location Planning
    • Freight Forwarding/Customs Brokerage
    • Global Gateways
    • Global Logistics
    • Last Mile Delivery
    • Logistics Outsourcing
    • LTL/Truckload Services
    • Ocean Transportation
    • Rail & Intermodal
    • Reverse Logistics
    • Service Parts Management
    • Transportation & Distribution
  • TECHNOLOGY
    • All Technology
    • Artificial Intelligence
    • Cloud & On-Demand Systems
    • Data Management (Big Data/IoT/Blockchain)
    • ERP & Enterprise Systems
    • Forecasting & Demand Planning
    • Global Trade Management
    • Inventory Planning/ Optimization
    • Product Lifecycle Management
    • Sales & Operations Planning
    • SC Finance & Revenue Management
    • SC Planning & Optimization
    • Sourcing/Procurement/SRM
    • Supply Chain Visibility
    • Transportation Management
  • GENERAL SCM
    • Business Strategy Alignment
    • Education & Professional Development
    • Global Supply Chain Management
    • Global Trade & Economics
    • HR & Labor Management
    • Quality & Metrics
    • Regulation & Compliance
    • SC Security & Risk Mgmt
    • Supply Chains in Crisis
    • Sustainability & Corporate Social Responsibility
  • WAREHOUSING
    • All Warehouse Services
    • Conveyors & Sortation
    • Lift Trucks & AGVs
    • Order Fulfillment
    • Packaging
    • RFID, Barcode, Mobility & Voice
    • Robotics
    • Warehouse Management Systems
  • INDUSTRIES
    • Aerospace & Defense
    • Apparel
    • Automotive
    • Chemicals & Energy
    • Consumer Packaged Goods
    • E-Commerce/Omni-Channel
    • Food & Beverage
    • Healthcare
    • High-Tech/Electronics
    • Industrial Manufacturing
    • Pharmaceutical/Biotech
    • Retail
  • THINK TANK
  • WEBINARS
    • On-Demand Webinars
    • Upcoming Webinars
    • Webinar Library
  • PODCASTS
  • VIDEOS
  • WHITEPAPERS
Home » Blogs » Think Tank » The Path of Least Resistance: The Internal Threat of Shadow I.T.

Think Tank
Think Tank RSS FeedRSS

The Path of Least Resistance: The Internal Threat of Shadow I.T.

Cyber Risk

A hand types on a computer keyboard. Photo: Pexels.

February 25, 2021
Michael Abboud, SCB Contributor

People, like electricity, tend to take the path of least resistance. Over the last year, businesses around the world scrambled to set up remote infrastructure in order to weather the coronavirus storm. For many employees, the abrupt transition from the office to working fully remote has been a largely unguided experience. According to IBM Security’s work from home study, over half of remote employees surveyed haven’t been given any new security policies on how to securely work from home. With over 34% of all employees expected to be fully remote by year-end, I.T. departments are racing against the clock to implement safe and secure remote infrastructure systems that will meet the needs of their employees.

In the absence of proper direction, workers have embraced a hybrid workflow of new remote-work solutions, browser-based software-as-a-service (SaaS) applications, and repurposed consumer tools for communication, file sharing, and collaboration. When combined with BYOD and lax security oversight, these behaviors create the perfect opportunity for malicious external actors looking to profit from cybercrime.

The Threat of Shadow I.T.

“Shadow I.T” is the general term used to describe applications and devices, largely SaaS, that employees set up and use without I.T. permission or corporate controls. From unsecured devices to public cloud file-sharing and personal e-mail, many remote employees have chosen the path of least resistance and embraced shadow I.T. These highly unsafe work behaviors have the potential to put corporate data at risk, and represent one of the biggest potential vulnerabilities in I.T. today.

Over the next year, enterprise I.T. teams will be forced to effectively reform the rushed systems and infrastructure put in place during 2020, while taking into account the new needs of existing remote workers. This balancing act will require new strategies and approaches to dealing with both security and user behaviors.

According to a 2020 study by Cyberark, convenience often outweighs security for working parents. As people have transitioned into working from home full-time, caring for children and family members can take up more mental space than cybersecurity best practices. As a result, 93% of working parents have reused passwords across applications and devices, and 29% of working parents admitted that they allow other members of their household to use their corporate devices for activities like schoolwork, gaming and shopping. These insecure activities can have major repercussions.

In a recent report by Wandera, 52% of organizations reported experiencing a malware incident on a remote device in 2020, up from 37% in 2019. Even more alarmingly, of devices compromised by malware in 2020, 37% continued accessing corporate e-mails after being compromised, and 11% continued accessing cloud storage.

Imagine that one of your software developers has malware on their laptop. Now you've got them writing essential code on an unprotected device. You have no idea where that code is going. When you publish that code, you may have scrubbed it clean, but someone else could still have it.

The Danger of Unmonitored Data

What many don't recognize is that shadow I.T. isn’t just about someone using their personal Dropbox or Gmail; it's also about giving someone access to a web-based application such as Salesforce and not having control. What happens to that data once it resides locally?

According to a recent study by Netwrix, 91% of organizations claim they store sensitive and regulated data only in secure locations. However, 24% of them admitted they had discovered such data outside of designated locations in the past year.

Creating safe digital environments requires considering the lowest common denominator. With the work-from-home culture not looking to go away anytime soon, it’s increasingly critical to provide employees with solutions that account for some of the less-flattering habits of humanity. If shadow I.T. isn’t seriously considered by corporate I.T. teams and CIOs, then their most sensitive information is in great danger.

All of the hardware and software solutions in the world can’t protect your business if your employees don’t use them. The reality is that if an organization fails to provide the correct tools and training to its employees, they will take the path of least resistance, and leave sensitive data at risk. Training people on the tools they’re given is just as crucial as giving them the software in the first place. If it’s too challenging to get the software working, the temptation to just access the company API from Chrome will always be in the back of their mind. Educating employees on best practices, and building an I.T. infrastructure around their needs, should serve as a cornerstone for all CIOs and I.T. departments.

Michael Abboud is founder and CEO of TetherView, a private cloud provider.

HR & Labor Management Quality & Metrics Regulation & Compliance Supply Chain Security & Risk Mgmt

RELATED CONTENT

RELATED VIDEOS

Subscribe to our Daily Newsletter!

Timely, incisive articles delivered directly to your inbox.

Popular Stories

  • AN ARRAY OF MEDICAL DEVICES LAID OUT ON A GREEN BACKGROUND

    Why the Medical-Device Industry Is Embracing Contract Manufacturing

    Sourcing/Procurement/SRM
  • A TOY TRUCK CARRIES A GIANT BOX WITH A RED RIBBON IN A BOW

    Three Trends to Watch During Peak Season 2023

    Apparel
  • A MANUFACTURING PLANT AT DUSK OR DAWN REFLECTED IN WATER

    Uncertainty is the New Normal

    Data Management (Big Data/IoT/Blockchain)
  • On Demand Webinar_SAP.png

    Optimize your Logistics Pinch Points to Build a Risk Resilient & Sustainable Supply Chain

    Webinars
  • A GIANT CONTAINER VESSEL SPORTING THE LETTERING OF YANG MING PLIES THE SEAS

    Yang Ming Accused of Profiteering During Pandemic by Bed Bath & Beyond

    Ocean Transportation

Digital Edition

Scb august 2023 lg

2023 100 Great Supply Chain Partners

VIEW THE LATEST ISSUE

Case Studies

  • JLL Finds Perfect Warehouse Location, Leading to $15M Grant for Startup

  • Robots Speed Fulfillment to Help Apparel Company Scale for Growth

  • New Revenue for Cloud-Based TMS that Embeds Orderful’s Modern EDI Platform

  • Convenience Store Client Maximizes Profit and Improves Customer Service

  • A Digitally Native Footwear Brand Finds Rapid Fulfillment

Visit Our Sponsors

Antuit Zebra Anvyl AutoStore
BEUMER Group Blue Ridge Global Brother
CHEP Cleo Coenterprise
Data Capture E2open Enveyo
Eva Air ForwardX Robotics Frayt
GAINSystems Generix Geodis
GEP Global Supply Chain Marketing Summit GreyOrange
Here Holman Logistics Infor
Inmar Kinaxis Lexis Nexis
Locus Robotics Logility LogistiVIEW
Lucas Systems MCA Connect MPO
Old Dominion OneRail Overhaul
PartnerLinQ (Visionet) Port of Virginia Ryder E-commerce by Whiplash
Saddle Creek Logistics SAP Shyft
Sourcemap SPS Commerce Tecsys
TGW Systems Thomson Reuters Veho
Verusen Walmart Workshop
  • More From SCB
    • Featured Content
    • Video Library
    • Think Tank Blog
    • SupplyChainBrain Podcast
    • Whitepapers
    • On-Demand Webinars
    • Upcoming Webinars
  • Digital Offerings
    • Digital Issue
    • Subscribe
    • Manage Your Subscription
    • Newsletters
  • Resources
    • Events Calendar
    • SCB's Great Supply Chain Partners
    • Supplier Directory
    • Case Study Showcase
    • Supply Chain Innovation Awards
    • 100 Great Partners Form
  • SCB Corporate
    • Advertise on SCB.COM
    • About Us
    • Privacy Policy
    • Contact Us
    • Data Sharing Opt-Out

All content copyright ©2023 Keller International Publishing Corp All rights reserved. No reproduction, transmission or display is permitted without the written permissions of Keller International Publishing Corp

Design, CMS, Hosting & Web Development :: ePublishing