Many employees still use unauthorized services to get work done
The use of so-called “shadow IT” poses a real risk to organizations of all sizes, worldwide, a new report from KnowBe4 has claimed.
Having polled 435,000 employees across the world, the company found that half regularly use shadow IT services on their endpoints to get work done.
Shadow IT is usually described as software tools and services used by employees, that haven’t been vetted by the IT department. It usually includes popular chat messenger platforms (Facebook Messenger, WhatsApp, Viber, etc.), public file-sharing platforms, free-to-use online tools, and others. Cybercriminals and other threat actors often leverage these tools to phish out passwords, login credentials, and other sensitive information, as well as to distribute malware, ransomware, and other viruses.
“Very concerning” findings
KnowBe4’s report focuses on two areas: the use of unauthorized cloud services to store information and communicate in the workplace; and the use of unauthorized file-sharing networks on work computers, to download various content.
Businesses located in Asia and Oceania were found to be among the worst performers. In these regions, for almost a third of enterprises (32%, on average), it’s common practice for employees to use Shadow IT. Organizations in Education (42.8%), Construction (35.5%), and Government (33.4%) were the worst performers.
On the other end of the spectrum are businesses in Latin America and Africa, where for just 20% of organizations, it’s common practice for employees to use Shadow cloud services. With just 17%, banking and bank-related organizations were performing best.
“The findings from this research are very concerning because employees are exhibiting insecure behaviors that are putting their organizations at significant risk,” said Kai Roer, chief research officer, KnowBe4.
“The concept of shadow IT has a direct impact on the level of security culture exhibited at an organization. To combat shadow IT, organizations should focus on strengthening their security culture and increasing employees’ level of security awareness. It is especially important for employees to understand and take responsibility for how their insecure behaviors can ultimately affect the organization’s reputation and bottom line.”
Audio player loading… The use of so-called “shadow IT” poses a real risk to organizations of all sizes, worldwide, a new report from KnowBe4 has claimed. Having polled 435,000 employees across the world, the company found that half regularly use shadow IT services on their endpoints to get work done.…
