Security News > 2023 > March > Report: Too many enterprises have shadow IT – unlocked doors with no cameras
According to asset intelligence platform Sevco Security, too many organizations have windows and doors that their IT and security teams may not even know about, or may have no proper digital locks.
In its second annual State of the Cybersecurity Attack Surface Report, which culled data from 500 organizations and nearly one million IT assets, Sevco reports that the vast majority of the organizations it looked at do not have comprehensive visibility of the assets they need to secure.
"These assets consist largely of employees' personal devices connecting from home, as well as devices and servers used in shadow IT projects conducted outside the scope and purview of IT and security teams," said the firm's CEO J.J. Guy in the study.
"In either case, these devices are missing the security tools that will protect your IT environment if the device is exploited. The risk here is clear: you can't protect the assets you can't see."
The report's authors said the Windows clients evading detection are on personal devices or systems, or at least on devices that are accessing a company's software-as-a-service office automation assets or other IT infrastructure, but happen not to be in the company's mobile device management technologies.
"The likelihood is that these are the result of Shadow IT: instances unsanctioned by IT or security teams that were spun up - likely without applying the company's security protocols - to accomplish some sort of specific task," said the authors.
News URL
https://www.techrepublic.com/article/shadowit-leaves-security-grappling-low-visibility/