Are Unapproved Software & Devices Wreaking Havoc on Your Network? Here's How to Stop It

Shadow IT worms its way into your network when employees lose sight of security.  They start bringing in their own devices, or installing unsanctioned software.  The oversight that would prevent such activity?  It’s just not there, for whatever reason.

In our last WOOF! we introduced Shadow IT, using a recent customer example.  In Part 2, we will discuss what happens once it gets in, and how to stop it before it does any damage.

The 3 Ways Shadow IT Disrupts Your Business

What kind of damage can Shadow IT do to a business?  You’re looking at elevated bandwidth costs, for one, but it gets worse.  Shadow IT can drain away an entire office’s productivity, and even expose you to cyberattack.

Disruption #1 – High Costs

Usually, when Shadow IT creeps in, most companies don’t receive any alerts.  They find out when they get their Internet bill.

Company networks plan for a certain amount of bandwidth, given the number of computers, and the apps they use.  Unsanctioned apps disrupt by using up more bandwidth than allocated, creating an Internet access overage.

At our customer’s office, users used Wi-Fi to watch YouTube, play games, etc.  They also used company-issued phones for non-work purposes, pushing the company cell plan over its bandwidth cap.

This all adds up fast—can you afford a $27,000 Internet bill?

Disruption #2 – Loss of Productivity

Any time spent on non-work-related activity leaves less time for actual work.

Here’s an example of productivity loss, with hard numbers.  In March, millions of employees spent work time discussing their March Madness brackets.  The outplacement firm Challenger, Gray & Christmas studied this phenomenon, and calculated the cost to U.S. businesses…between $615 million and $2.1 billion.  In one month.

Switch March Madness with YouTube, chatting, or playing games.  Same result.

Bandwidth lost to Shadow IT also disrupts other users’ productive time.  If a productive user can’t access online resources while a non-productive user watches YouTube, you lose the productivity of two people at once.

Disruption #3 – Risk of Cyberattack

The least common, but most severe risk of Shadow IT:  leaving the business open to cyberattack. Unsanctioned apps are outside of the company’s cybersecurity protections, which means they aren’t monitored for threats.

A SentinelOne white paper points out that endpoints (users’ computers) with Shadow IT on them can become entry points for cyberattacks.

For example:  The WannaCry ransomware attack spread (in part) due to email phishing.  It arrived in an email that appeared legitimate, so people clicked the links and activated the ransomware.

Shadow IT essentially constitutes a security hole you don’t know you have. Until it’s too late.

How to Stop Shadow IT

Prevention is the best method of stopping Shadow IT, by blocking unsanctioned apps/devices before they get in.  We recommend a four-part fix, to both guard against & resolve issues from Shadow IT.

1. Network vulnerability testing
2. Secure backups
3. Locking down administrative access
4. Internet access control software

We’ve covered vulnerability testing and backups in previous issues (the links above will bring you to the respective articles).

1. When it comes to Shadow IT, vulnerability testing finds and closes security holes through which your users could inadvertently let cyberattacks in.
   
   
2. Backups are there as a just-in-case measure…in case a network crash occurs, or a cybercriminal does break in.
   
   
3. Locking down administrative access:  No standard user should have administrative control of their computer.  That allows them to install unauthorized software.  It also allows a cybercriminal full access to their computers (and others on the network) when they break into the user's account.
   
   
4. Internet Access Control:  IAC software manages devices on the company network, and controls the Internet access available to them.  We instituted two such access controls for a customer recently: URL Filtering (through Forcepoint) and Mobile Device Management [MDM] (through AirWatch).
   
   
   • URL Filtering:  Blocks certain websites from access on all company devices.
     • One user was streaming movies on their computer at work, and at home on their (company-issued) phone.  They used up 33GB in one month!  After Forcepoint blocked streaming access, their data use dropped to 3GB.
   • Mobile Device Management:  Controls what users can install on mobile devices, and monitoring their activity.  We referenced it in this Avoid Laptop Theft When Traveling.
     • The company network already had AirWatch deployed.  We connected their AirWatch to Forcepoint, boosting its monitoring alerts and restricting all mobile devices’ software installation privileges.

Shine the Light on Shadow IT, Save Your Business

The customer suffering from Shadow IT?  Now they’re thrilled.  We blocked all potential bandwidth/productivity drains at the device level.  Employees can’t visit YouTube at work, even if they try.  If someone brings in a personal device, one that’s not authorized to use the company network?  It can't even get on the Wi-Fi.

Their Internet bill dropped from $17,000 to $12,000 after the first month.  It continued dropping as we cleaned all the unsanctioned apps off company devices, and removed personal devices. We estimate it will drop another 25% by August—saving the customer over $15,000.

The most important thing: Vigilance.  Shadow IT may not be a malicious activity, but it’s a constant whisper in users’ ears.  The thought can arise at any time.  “Just install that app from home, it’ll work faster!”

Your company’s productivity is at risk with each whisper.  Stop Shadow IT before it comes in, and you’ll never have to worry about it.

Does your office have Shadow IT running within it?  Email us at support@planetmagpie.com and we’ll help get it out.