As the work environment landscape changes and employees become more mobile, the use of cloud-based collaboration tools is growing. These cloud-based applications bring their own IT assets that are outside the control of the corporate IT team, thus creating a new type of shadow IT.

These types of tools cause businesses to lack visibility and control. There is also the risk that these shadow IT cloud tools require new controls or processes. At the same time, IT budgets are being squeezed, and cloud services offer valuable savings and increased efficiency. While it is difficult to strike the necessary balance between the proactive adoption of resources and budgetary restrictions, it is possible with the right initiative from chief information security officers (CISOs) and other executives.

CISOs Need to Take the Lead

CISOs and chief information officers now need to ask questions regarding how they do the following:

  • Uncover shadow IT practices
  • Gain visibility into cloud application usage
  • Remove unapproved cloud apps
  • Protect against any risky behavior
  • Respond quickly to growing security threats that emerge as a result of shadow IT
  • Address compliance and governance concerns as it relates to shadow IT
  • Support the business in the adoption of software-as-a-service (SaaS) and cloud-based apps

IT teams need to discover, connect and protect the business’s use of these new cloud-based SaaS apps. This includes partnering with the lines of business in approving these new apps and training employees on how to properly use them.

Finding the Right Model to Fight Shadow IT

A model to consider follows many of the patterns from the on-premises world. It prioritizes discovery and visibility, identity and access, event correlation, threat prevention, policy enforcement and easy-to-use catalogs.

Discovery establishes a learning period to identify what is being used, which data is being shared and where it located. Organizations should implement identity and access controls to these new approved apps, encourage the fast onboarding of the new apps and add an easy-to-use catalog for organizational purposes. A fast onboarding process and a thorough catalog of approved apps gives the business the speed and agility it needs. Event correlation should also feed a centralized event management system from these new cloud SaaS programs.

Threat prevention needs to understand the reputation of apps and the security posture they have certified, all while blocking unapproved apps with questionable reputations and enforcing policies that block access to rogue apps. New, effective enforcement policies could be achieved by integrating with threat intelligence communities. An app store should clearly list the approved, security-compliant apps.

In today’s changing environment, security and compliance strategies need to change quickly. They can be most effective when teams partner with the lines of business to ensure organizations have the proper tools for protecting the business and its reputation.

More from Cloud Security

How Do You Plan to Celebrate National Computer Security Day?

In October 2022, the world marked the 19th Cybersecurity Awareness Month. October might be over, but employers can still talk about awareness of digital threats. We all have another chance before then: National Computer Security Day. The History of National Computer Security Day The origins of National Computer Security Day trace back to 1988 and the Washington, D.C. chapter of the Association for Computing Machinery’s Special Interest Group on Security, Audit and Control. As noted by National Today, those in…

Why Are Cloud Misconfigurations Still a Major Issue?

Cloud misconfigurations are by far the biggest threat to cloud security, according to the National Security Agency (NSA). The 2022 IBM Security X-Force Cloud Threat Landscape Report found that cloud vulnerabilities have grown a whopping 28% since last year, with a 200% increase in cloud accounts offered on the dark web in the same timeframe. With vulnerabilities on the rise, the catastrophic impact of cloud breaches has made it clear that proper cloud security is of the utmost importance. And…

Charles Henderson’s Cybersecurity Awareness Month Content Roundup

In some parts of the world during October, we have Halloween, which conjures the specter of imagined monsters lurking in the dark. Simultaneously, October is Cybersecurity Awareness Month, which evokes the specter of threats lurking behind our screens. Bombarded with horror stories about data breaches, ransomware, and malware, everyone’s suddenly in the latest cybersecurity trends and data, and the intricacies of their organization’s incident response plan. What does all this fear and uncertainty stem from? It’s the unknowns. Who might…

How an Attacker Can Achieve Persistence in Google Cloud Platform (GCP) with Cloud Shell

IBM Security X-Force Red took a deeper look at the Google Cloud Platform (GCP) and found a potential method an attacker could use to persist in GCP via the Google Cloud Shell. Google Cloud Shell is a service that provides a web-based shell where GCP administrative activities can be performed. A web-based shell is a nice feature because it allows developers and administrators to manage GCP resources without having to install or keep any software locally on their system. From…