INTELLIGENT CLOUD
Shadow IT usage increasing
while visibility drops
A global cloud survey of 1,000+ organisations in late 2016 reveals a faster pace of Shadow
IT adoption with reduced visibility for IT, presented by Raj Samani at Intel Security.
I
n September 2016, Intel Security
surveyed over 2,000 professionals for
its annual cloud security research study.
This includes approximately 100+ cloud end
user executives from Saudi Arabia and UAE.
Excerpts of the trends around Shadow IT.
Visibility of Shadow IT drops from 50%
last year to 47% this year
An IT organisation that is slow to deploy
solutions can inadvertently encourage
other departments to commission their
own services. It can also lead to a disjointed
security environment, creating more work for
the security team. Whatever is driving Shadow
IT, whether it is the mainstream acceptance
of public cloud services or slowed adoption
by IT due to the shortage of security skills,
almost 40% of cloud services in use in an
organisation today are commissioned without
the involvement of the IT department.
This is not necessarily a bad thing, if
IT and security operations have sufficient
visibility to keep the applications, data,
and the organisation safe and secure.
Unfortunately, visibility of these Shadow IT
services has dropped from about 50% last
year to just under 47% this year. This is not a
very large drop, but it does affect the security
posture of the organisation. More than 65%
of IT professionals think this lack of visibility
is impairing their ability to keep the cloud
safe and secure, up from 58% last year.
Only 1% organisations not monitoring
Shadow IT usage
There are significant changes in the
actions which IT is taking to monitor and
manage the use of Shadow IT services. IT
departments appear to be moving towards
34
Next-generation firewalls have replaced database activity monitoring as the most likely
method being used this year, increasing from 41% to 49%.
Blocking access to unauthorised services is the top choice, but only 27% of organisations are
taking this action.
more active methods of monitoring and
employing technology in an effort to gain
better visibility. Next-generation firewalls
have replaced database activity monitoring
as the most likely method being used this
year, increasing from 41% to 49%.
Utilisation of web gateways increased
from 37% to 41%, and use of cloud access
security brokers increased slightly from
32% to 33%. At the same time, more
passive methods of detecting Shadow IT
activity, such as working with finance,
checking license usages, or word or mouth,
dropped significantly. Overall, only 1% of
Issue 05
INTELLIGENT TECH CHANNELS