By Mike Semel, President, Semel Consulting, ASCII Group Member Since 2012
Data sprawl is bad enough. Having users decide on their own to implement IT solutions can kill a business.
Shadow IT is when employees bypass business processes and policies and use unsecure and unmanaged consumer-grade IT solutions for corporate data. Users set up their own free online sharing, remote access, smartphone backups, wireless access points, thumb drives, and other unauthorized risks that they thought were just making their lives easier. They may need access to their data from home or while traveling and don’t realize that they are creating security and compliance risks for their company. Shadow IT is adopted mostly by good people with good intentions, but in some cases it is used maliciously to steal proprietary data.
It is now so easy and inexpensive — often free — for someone to bypass company IT policies and procedures. Users view data casually, not as a valuable business asset or something that if lost can result in an expensive and embarrassing data breach. They treat company files the same as their family pictures, and don’t give their managers a vote in where the company’s data ends up.
Please log in or register below to read the full article.