What is ‘Shadow IT’?
Shadow IT refers to the various web tools informally in use within most organisations. These tools are often chosen without reference to IT or to management in general.
They are often used for all the very best reasons. Your colleagues have work to do, and these tools help them, so they get used. You might know about some because there is a subscription charge, but others might be free.
These tools can be anything from simply keeping lists of tasks to do, sharing information or managing workflows, providing newsletter lists, or recruiting staff. Its endless.
There’s all sorts of web pages out there that your people will be finding useful and will be using.
The question is, do you know what is being used on your behalf?
Even more importantly, do you know who’s got access to them? As your staff come and go, do you know to change passwords or reset user accounts to make sure that no one who has left you (maybe even gone to a competitor) is still able to access your confidential data?
Shadow IT is one of the largest threats to data privacy in organisations today. It’s not necessarily because these sites are going to be hacked, although it’s always possible, but it’s because if you don’t know the tools are in use, then there is no way that you can manage them!
The first step to maintaining this data is to identify them, and that’s why you need new tools that are cloud focused.
If you’re still using the same old security tools that you used prior to the cloud, then you are simply not keeping up and we need to talk!
Here’s a story about what happens if you don’t have this under control: Why you need to know all the cloud services that your organisation uses – IT Solutions and Managed Services (kinetics.co.nz)
Shadow IT is part of our 10-point cyber-security check list
While there is no single layer of technology that can guarantee you will be safe from hackers, you can reduce your risk by adding layers of protection. How many of our 10-point check list are in place for you?
What does the LastPass breach mean for you?
There have recently been a couple of well-publicised breaches of LastPass. Most people will be familiar with LastPass but in case you are not, it’s a well-known and popular password vault/manager.Does this mean you shouldn’t use a password vault? Absolutely not. YOU...
Are you making the most of your password manager?
Passwords are the basic protection for our various online accounts. It amazes me how basic some people’s passwords are. Passwords like, well ‘password’ or ‘123456’ are still commonly in use! In case that sounds unbelievable, here’s a list of the top 200 for...
Kinetics KARE clients – we’ve just added a layer of security
With the latest news of yet another local New Zealand high-profile cyber attack, it must be obvious that cyber-threats are real. EVERYONE is at risk of cyber attack! This latest incident is particularly close to home for me, because I chair the board of one of the...
Multifactor Authentication (MFA) gets even more secure!
Microsoft are making their authenticator even safer! Most of us will have experienced random pop-ups on authenticator asking us to approve access to our systems. We will have wondered what triggered it. Is it a hacker? Now we'll be able to get more information. Your...
Is your cyber-insurer testing your business?
Over the last month, we’d heard about this happening in the US and now it seems to be happening in NZ as well. Cyber insurers are working hard to mitigate their risk and that includes stepping up their testing of their clients. Right now, that appears to be more...
Is public WiFi safe?
Free public WiFi can be tempting.Whether it is in cafe, an airport or a shopping centre, free Wi-Fi is very tempting. Who wouldn’t want faster data, without the cost. But, as with anything that is free, be very careful! It is very easy to become a victim of something...
What can you expect if you get crypto-locked?
!Right now, there’s a crypto-locked server in the lab in our Kinetics Auckland Office. It’s not from one of our clients, but a business that’s come to us, after the event, asking for help. We are busy rebuilding it and restoring the data and configuration to the...
Are you meeting the requirements of your Cyber Insurer? (And are you minimising your risk anyway?)
Given the scale of cyber-attacks, we aren’t surprised to be hearing reports of insurers applying a "duty of care" test before agreeing to pay out. Despite sending chills up your spine, when you consider this, it makes sense as Insurers do the same thing to vehicles,...
3 billion devices are at risk. Does that include you? (it probably does)
An actively exploited high severity "zero day" cyber-security exploit has been found in the Google Chrome web browser. With over 3 billion users it will take some time for the update roll out to everyone. Meanwhile, everyone who uses Chrome on their PC is...
MFA is important, but it is no silver-bullet.
There are no silver bullets. No one can guarantee you won’t be hacked, but we can make it harder. We can reduce your cyber-risk by taking reasonable steps to make it harder to hack you. The key is to have layers of security, and to keep reviewing the technology in use...