Smarter ideas worth writing about.

Stopping "Shadow IT"

Tags: Security

Are you concerned that your staff is using applications without the knowledge of the IT department? If you are not, you should be. Recent surveys have found that over 80% of employees admit to using non-approved apps in their jobs.

This practice has been nicknamed Shadow IT by the popular press. It does not really matter why users have done this, but it is important to realize that it has occurred and to develop a strategy to understand the magnitude of the problem. Only after the applications have been identified, can appropriate actions be taken to mitigate the increased risk to which the organization is exposed.

Microsoft provides several different tools to help IT departments identify unapproved applications.

For organizations that use Office 365, Advanced Security Management (ASM) can be used to:

  • Create Anomaly Detection policies to detect suspicious activity
  • Create Activity policies to monitor administrative actions, such as log on from unexpected location, mass file downloads, or multiple log on attempts
  • Discover productivity apps in use by uploading log files from firewalls and proxies

If more functionality is needed, ASM can be upgraded to Cloud App Security (CAS) which provides a detailed report showing the apps in use, from which IPs and which users, along with a risk score for over 13,000 applications. CAS provides:

  1. Discovery
    • Identify all cloud applications in a network - from all devices
    • Risk Scoring with ongoing risk assessment and analytics
    • Does not require agent deployment - logs are imported from firewalls and proxies
  2. Data Control
    • Sanction apps with granular control and policies for data sharing - Salesforce, Box, DropBox, GoogleApps, AWS, ServiceNow, and Office 365 are included
    • Implement Data Loss Prevention policies
    • Out of the box and custom policies
  3. Threat Protection
    • User behavioral analytics - based on machine learning and worldwide data collection from Microsoft's data centers
    • Simultaneous logins, sudden downloads of data, brute force attacks

To learn more, join our 1-hour webinar on May 18 where I will discuss use cases and demo the functionality of ASM and CAS.


About The Author

Business Productivity Consultant
As a Principal Consultant in the Business Productivity practice in Charlotte NC, Dean is responsible for working with clients to plan and implement Office 365 and SharePoint systems. In addition to these responsibilities, he is currently leading the effort in this office to provide consulting services for Microsoft’s Enterprise Mobility Suite.