Home Deep DiveArticles Shadow IT Poses Serious Security Challenges

Shadow IT Poses Serious Security Challenges


CIOs today are not accounting for how their network is actually accessed. A single user may be logged on through multiple devices: a phone, a tablet, and a laptop. There could also be myriads of devices on the network that IT doesn’t even know about. According to Fortinet, the global leader in high-performance cybersecurity solutions, this disconnect is driven by Shadow IT – the result of unbridled use of unapproved devices and services on the network. Shadow IT includes consumer or enterprise applications in the cloud, such as file sharing apps, social media, and collaboration tools. There is often no corporate policy or decision to allow this, and most of the time it is unknown by anyone on their IT team.

About 90 percent of employees and guests are connecting to their network wirelessly and yet wireless APs are often less secure than the wired perimeter. The proliferation of devices and applications is posing serious challenges for organizations that need to ensure the protection of their entire network and guard against advanced cyber security threats, according to Rajesh Maurya, Regional Director, India & SAARC at Fortinet. It is critical that a security solution map users to devices and control access accordingly and accurately.

The growing number of small devices that are not able to support security is one challenge. But even traditional wireless devices – smart phones, laptops, tablets – can create security gaps due to the number of mobile applications they run, both for personal and professional use. Contact management apps, games, shopping websites, and even legitimate online news outlets may be infected with malware without the user’s knowledge. This can, in turn, affect the enterprise network as a whole. Users sharing their log-in credentials with guests, or not changing their passwords regularly can also lead to security gaps.

Securing business communications, personal information, financial transactions, and mobile devices involves much more than network access control. It also requires actively scanning for malware, preventing access to malicious websites, end-point integrity checking, and controlling application usage. Protecting Access Points (AP) is paramount to a sound wireless security strategy, and to securely extend physical coverage for users. Today’s APs not only need to support high density environments, but also support security features like Application Visibility & Control (AVC), Wireless IPS (wIPS), and Rogue monitoring —all without the loss of performance.

Companies need a fabric with deeply integrated security systems that share information across all areas, including wired, wireless, VPN, and cloud environments. When the integration is coupled with machine learning capabilities, the system can flag abnormalities more accurately and more rapidly, and coordinate responses between different security deployments. All of this contributes to better response time for organizations in mitigating threats.

Recommended for You

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Close Read More

See Ads