What is ‘Shadow IT’?
Shadow IT refers to the various web tools informally in use within most organisations. These tools are often chosen without reference to IT or to management in general.
They are often used for all the very best reasons. Your colleagues have work to do, and these tools help them, so they get used. You might know about some because there is a subscription charge, but others might be free.
These tools can be anything from simply keeping lists of tasks to do, sharing information or managing workflows, providing newsletter lists, or recruiting staff. Its endless.
There’s all sorts of web pages out there that your people will be finding useful and will be using.
The question is, do you know what is being used on your behalf?
Even more importantly, do you know who’s got access to them? As your staff come and go, do you know to change passwords or reset user accounts to make sure that no one who has left you (maybe even gone to a competitor) is still able to access your confidential data?
Shadow IT is one of the largest threats to data privacy in organisations today. It’s not necessarily because these sites are going to be hacked, although it’s always possible, but it’s because if you don’t know the tools are in use, then there is no way that you can manage them!
The first step to maintaining this data is to identify them, and that’s why you need new tools that are cloud focused.
If you’re still using the same old security tools that you used prior to the cloud, then you are simply not keeping up and we need to talk!
Here’s a story about what happens if you don’t have this under control: Why you need to know all the cloud services that your organisation uses – IT Solutions and Managed Services (kinetics.co.nz)
Shadow IT is part of our 10-point cyber-security check list
While there is no single layer of technology that can guarantee you will be safe from hackers, you can reduce your risk by adding layers of protection. How many of our 10-point check list are in place for you?
Avoid the IT Travel Woes
Free Webinar Replay : Avoid the IT Travel WoesBusiness travel is fraught enough. It's a nightmare to balance tight connections, and tough time zones with work colleagues that are accustomed to being able to link you into Teams meetings and urgent chats.How can you...
Lessons from the Change Healthcare attack. Why MFA Matters
By now, regular readers know how important MFA is. Unbelievably, there are still some people who think this is for someone else, and they don't need it themselves. Unfortunately, we are seeing some of these people fall victim to the very scams we've been writing...
What happened when we got told we’d been hacked?
“We’ve been hacked”. When you hear that the world stops. What does this mean? How bad is it? How can we manage that? That was the news earlier this week. It was quite confronting! Suddenly your careful plans for the day are thrown aside as your priorities have...
Can VPNs be defeated?
We’re reading about a flaw called ‘TunnelVision’ that could give hackers access to overcome virtually any VPN security solutions. It works by manipulating routing in DHCP, which is the mechanism networks use to hand out IP addresses to devices. DHCP has been around...
Will some of your emails stop?
Microsoft Exchange Online to retire Basic authentication We are going to face a big change coming in September 2025, Microsoft is going to be disabling SMTP Basic Authentication. This continues work they commenced a couple years ago to disable other protocols such as...
How to create passwords that hackers hate
A guide to making your online accounts more secure and less boring Have you ever used your birthday, your pet's name, or the word "password" as your password? If so, you're not alone. According to a study by NordPass, these are some of the most common and worst...
Is MFA enough? – the need for multiple cyber security layers.
At Kinetics, we've always emphasized the importance of multi-factor authentication (MFA) as a critical layer in cybersecurity. Without MFA, it's only a matter of time before you fall victim to a cyber attack. However, as we've also mentioned, no single defense is...
Securing your Mac
It does not seem that long ago I would hear Mac users say “I don’t need Anti-Virus”, or "Mac’s are not affected". To a certain extent they were right. Apple's use of tightly controlled application approvals reduced the surface area for attack. Mac users did not enjoy...
How secure is your cloud IT? Is it as safe as you expect?
Your cloud computing can be safe and secure, or open and vulnerable - the choice is yours. With the rise of hacker activity and cybercrime, it’s essential to lock down your cloud and protect it from threats. For most businesses, the standard 365 settings aren't...
What would you do Canterbury? Incident Response Workshop
Mastering Cybersecurity What would you do? Table-top exercise Join us for an interactive table-top simulation exercise. Imagine - you are busy going about your day when suddenly your meeting is interrupted. "No one can access their files" or "We just accidently paid...