Shadow IT: Gaining control of a parallel universe

For network managers, merely the thought of unknown or even partly unknown IT infrastructures on a network can be enough to send a shiver down the spine. In shadow IT networks, complex infrastructures can develop from everyday practice, without the approval or knowledge of the IT department.

These infrastructures can range from manageable hardware environments to complete ERP solutions that are in daily use throughout the company – using the data of the official ERP system, but that are in no way accessible to the IT department, says Martin Hodgson, head of UK & Ireland, Paessler.

Independent shadow infrastructures often arise as a result of poor management or planning. If a department is not offered adequate solutions for the work they are tasked to do, or heads of department aren’t educated in the need to work from a centralised enterprise network, the situation may arise where solutions are created from the ground up without proper consultation with the IT department. Much like the creatures in Stranger Things, shadow IT networks can unleash a plethora of risks for networks and unwitting IT departments.

Exposing potential vulnerabilities

This is perhaps the first major risk which comes to mind when we think of unknown infrastructure on the network. Infrastructure that has been set up without the knowledge of the IT department often lacks the required level of security to ensure protection from cyber-attack. In some instances, hardware may be lacking up to date firmware and may even be without a firewall or virus scanner. In a world where a network is only as strong as it’s least secured device. This may leave an entire enterprise network vulnerable to attack.

Reducing the damage from data loss

Shadow IT systems and applications run outside of the IT department’s backup and restore plan. This can mean that mission critical business functions may be taking place without a back-up solution at all. In the event of an incident, such as a cyber-attack that leads to data loss, crucial company data may disappear entirely without any chance of recovery. In a worst-case scenario this can cause significant damage to company operations with potential for serious financial repercussions.

Securing data

Even if we ignore the issue of operating without sufficient back up, a shadow IT network may give no overview of potential data access. This means that external service providers, contractors and even former employees may have access to sensitive data. With no permissions overview, there is no way of predicting who can access data and what could be done with it.

Martin Hodgson

Maintaining efficient operations

Shadow IT hardware and software is often installed without the requisite testing. Although these systems may directly benefit the individual activities of the installer, this is often a reason for the creation of Shadow IT in the first place, the untested system may slow or even stop other business critical systems on the network. Even in shadow IT networks that run smoothly, double maintenance and administration is required to ensure the system continues to run smoothly in parallel with the official enterprise network.

Internal compliance

To state the obvious, the creation of shadow IT processes outside of established IT department protocol will likely violate a company’s IT compliance rules. More seriously however, introduction of shadow IT systems for specialist departments may be a fundamental breach of external regulation such as data protection law. In these instances, breaches of external regulation can lead to large fines from regulators and even company collapse.

Scary stuff, but it doesn’t have to be this way. Thankfully even widespread shadow IT issues can be controlled if the right strategies are put into place by the IT department and senior management. The first step to removing shadow IT systems is being able to locate them. Network visibility is the number one factor leading to the detection and removal of shadow networks. Even well-hidden parallel infrastructure may be detected for example via unusual data traffic readings through a router or switch.

The author is Martin Hodgson, head of UK & Ireland, Paessler

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

RECENT ARTICLES

Get a US$50 Amazon voucher for sharing your IoT brand knowledge

Posted on: March 28, 2024

We want to know what you know about the IoT space. Just 3 minutes could earn you a US$50 Amazon digital gift card!

Read more

Enhance EV charging performance with cellular connectivity

Posted on: March 28, 2024

Electric vehicles (EVs) are steadily growing their market share at the expense of internal combustion engine vehicles. The growth is fuelled by several factors. Perhaps most importantly, prices for EVs have started to drop as competition in the industry is intensifying. New players and models are emerging, prompting several established EV makers to lower their

Read more
FEATURED IoT STORIES

What is IoT? A Beginner’s Guide

Posted on: April 5, 2023

What is IoT? IoT, or the Internet of Things, refers to the connection of everyday objects, or “things,” to the internet, allowing them to collect, transmit, and share data. This interconnected network of devices transforms previously “dumb” objects, such as toasters or security cameras, into smart devices that can interact with each other and their

Read more

The IoT Adoption Boom – Everything You Need to Know

Posted on: September 28, 2022

In an age when we seem to go through technology boom after technology boom, it’s hard to imagine one sticking out. However, IoT adoption, or the Internet of Things adoption, is leading the charge to dominate the next decade’s discussion around business IT. Below, we’ll discuss the current boom, what’s driving it, where it’s going,

Read more

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more