Shadow IT: Fear it or embrace it?

2022-10-05 12:00

There remains some hesitancy in fully adopting this approach, and organizations must weigh the benefits and risks before deciding whether shadow IT is to be fully embraced.

Since Forrester Research coined the model in 2010, zero trust has proven its ability to provide organizations guidance on continuously managing and mitigating evolving risks to protect their digital assets and outweigh the adverse effects of so-called "Bad shadow IT." Despite this, zero trust presents plenty of risks to an organization, and these can often outweigh the positive outcomes.

To implement a zero-trust program in the long run, it is demanded that organizations have applications, devices, networks, data assets, access rights, users and other resources in a detailed inventory alongside the organization having financial and non-financial resources for support.

Consequences of bad shadow IT. Even with the right resources in place to execute a program of zero trust, bad shadow IT can still present serious risks to an organization's network infrastructure.

The IT department also has no control over who is accessing resources with shadow IT. Whether it is specific data that employees shouldn't be able to access, or ex-employees being able to access a system despite departing an organization, there is no control over who has an account or what these accounts can do, which makes data increasingly challenging to monitor, with little to indicate whether there has been a severe breach.

Organizations can embrace shadow IT so long as this is done correctly, rather than adopting restrictive measures like zero trust.

News URL

https://www.techrepublic.com/article/shadow-it-benefits-challenges/