IT Documentation - The Blog

Shadow IT detection

August 19, 2020

Although you may not be familiar with the term Shadow IT, if you are an IT manager, administrator, or other IT professional reading this article, you will quickly realize that this topic requires your full attention.

So what is Shadow IT?
Shadow IT refers to all IT devices, software and services that are used by your colleagues but are not under the control of your IT organization.

Shadow IT is available in almost every company

When an employee takes photos of recordings on a whiteboard with his smartphone and sends them to a colleague using WhatsApp – that’s Shadow IT.
Or a colleague sends company documents to his or her own private Google mail address in order to access this data on the move – that too is Shadow IT.

Yet these employees are not even aware that they are doing anything wrong. They are usually only looking for simple solutions to problems in their daily work. If, for example, an employee works in the field sales force and therefore travels a lot to customers, he will probably have to access company data there as well. If the IT department doesn’t offer him a simple solution for accessing this data externally, he will look for another solution to help him close the sale. In private life, it also works that you can access all your data from anywhere. And that’s how fast company data is on the Internet, without the company administrator having any control over it. This is exactly what happens every day, in almost every company.

IT experts currently assume that about 92% do not know the extent of Shadow IT in their company. In contrast, about 87% of employees upload company data to private clouds.

In this way, a parallel IT environment is created that completely eludes the management and control of the company’s IT. At the same time, the extent of Shadow IT in the company is completely unknown. It is only certain that the use of Shadow IT is growing exponentially.

Shadow IT with devastating consequences

Let’s stick to the first example, where an employee photographs the whiteboard with his smartphone after a meeting and sends this photograph to a colleague who could not be there. While this is meant nicely, the WhatsApp TOS states: “In order to operate and provide our Services, you grant WhatsApp a worldwide, non-exclusive, royalty-free, sublicensable, and transferable license to use, reproduce, distribute, create derivative works of, display, and perform the information (including the content) that you upload, submit, store, send, or receive on or through our Services.” (Source WhatsApp Terms of Service, as of 08/2020).
This means that by using WhatsApp you automatically allow WhatsApp to use all uploaded media for its own purposes. And not only WhatsApp, but also its parent company Facebook.

Shadow IT can make it relatively easy for company secrets to get onto the Internet. But the resulting data loss is only the beginning.
If it comes to light that sensitive data of your company has leaked onto the Internet, the loss of reputation is immense. If it is still confidential employee or customer data, there is even a data protection violation. These are usually punished with drastic fines. License violations can even result in prison sentences.

The use of Shadow IT completely removes the control over the company data from the corporate IT, but not the responsibility for it.
This means that IT managers and directors can also be held personally liable for violations of the law that can be traced back to Shadow IT!

Many problems caused by Shadow IT

The problems associated with Shadow IT are manifold:
By using online services, company data can get into the internet unprotected. This contradicts all principles of data protection and data security – confidentiality, integrity and availability can no longer be guaranteed.
Since private devices are usually used for Shadow IT, these are not subject to the standards and security measures of the company hardware and are therefore usually much easier to attack. Data can also be lost in this way.
In addition, further legal problems can arise if the use of Shadow IT violates existing licenses.

So what can be done about Shadow IT?

Detect and counteract Shadow IT

In order to counteract Shadow IT, the first thing to do is to identify the requirements of the users. Why do you use these services at all?
In IT, you are usually very far away from the workflows in other departments. That’s why it makes sense to talk to your colleagues about their daily work. For example, ask your colleagues in the field directly: “What data do you need at the customer/partner’s premises and how do you access it? In this way, you will usually find the first processes for which the necessary IT support is missing.

Of course not every Shadow IT application can be handled with this methodology. Therefore it is important to have a complete overview of what is going on in your own IT network. For example, a list of all software products installed in the network can be very helpful when searching for Shadow IT. The same applies to an overview of all devices active in the network. An analysis of user permissions can also help to contain Shadow IT – by ensuring that each user only has the rights he or she really needs.

In summary, if you have a comprehensive overview of your IT environment, you will notice more quickly if and where Shadow IT is used.

Detect Shadow IT quickly with Docusnap

Good if you use Docusnap!

Docusnap’s regular and recurring inventory and documentation runs give you full transparency over your IT network.
Use the clear standard reports, for example, to quickly and conveniently identify third-party devices and unwanted software. Or determine the communication paths of conspicuous systems using the practical maps that are automatically generated for each system. Or analyse the effective user authorisations in the IT security area and how they are inherited.

Together, these analyses provide you with the optimal basis for identifying Shadow IT in your network.

Replace Shadow IT with “legal” products

Once you have uncovered Shadow IT through the survey of your colleagues and the technical analysis with the help of Docusnap and have identified the needs of your employees behind it, you can begin to replace them step by step with standard products supported by your IT.
If you already use Microsoft products such as Microsoft 365, you can replace WhatsApp with Microsoft Teams, for example. Teams is available for all common desktop and mobile operating systems and can be centrally managed very easily and conveniently. This way, Teams enables your colleagues to communicate seamlessly and securely, no matter where they are. If you also create individual Microsoft OneDrive Cloud Drives for your employees, they can access their data anytime and anywhere. However, the data doesn’t get to the Internet uncontrolled, but remain in a secure area managed by you.

Similarly, there is a “clean” solution for virtually any need.
You will see that if you provide your colleagues with supported solutions that meet their needs and help them in their daily work, you will be able to eliminate Shadow IT quickly and across the board.

Don’t give Shadow IT and the security and legal violations associated with it a chance!