As many as 80% of IT pros believe their end users have ‘gone behind their back’ to set up unapproved cloud services, with a whopping 40% accusing their users of ‘going rogue’ five or more times.
That’s according to a new report from Spiceworks, who polled 338 IT pros from across the globe to shine a light on the difficulties organizations face in managing the use of cloud services on their networks.
As many as 40% of respondents believe their organization’s data is more vulnerable now compared to five years ago as a result of users adopting cloud services that aren’t approved by the IT department, with larger businesses at greater risk due to shadow IT.
“We live in a world where ‘Shadow IT’ is now the norm and employees are using cloud-based technology without even knowing it,” David Kennerley, director of threat research at Webroot, told Infosecurity. “Files are being shared and new collaboration and messengering tools are being used without the IT department always knowing about it.”
Understanding which cloud services are being used within the organization is essential, he continued. Without a clear understanding, customer and proprietary information may inadvertently be made available to external parties.
“IT departments need to understand the needs of the business, while also making sure employees are following well-maintained security policies regarding the use for third-party cloud solutions.”
User education, policy and auditing are essential, added Kennerly. Employees need to be fully aware of the dangers of using non-IT sanctioned cloud services.
“If in doubt, contact IT. IT need to regularly check that policy is being adhered to. Keeping company data safe is the responsibility of every employee within the company.”