What Lurks in the Shadow: Addressing the Growing Security Risk of Shadow IT & Shadow Data Welcome to the Mordor of security, where the eye of BYOD reigns supreme, and the proliferation of easy-to-use devices is creating an unprecedented level of end user entitlement. A little knowledge has become a very dangerous thing by letting people “help themselves” to data and network access. This is the world of Shadow Data/Shadow IT, where rules are known but not observed; where risks are taken regardless of known consequences; and where “keep it secret” definitely does not keep IT safe. What happens when users or employees take it upon themselves to decide what tech they want to use and how they want to implement it? As the IoT proliferates, and human nature takes its course, we cannot out-engineer human failings and susceptibility. Because that device, and the freedom to use it as the user sees fit, override anything we currently put in place.
Cheryl Biswas is Assistant Chief Security Officer and InfoSec analyst, researcher and writer with JIG Technologies in Toronto, Canada. She handles communications; researches and delivers InfoSec briefings; and advises on Disaster Recovery and security processes for clients. She loves her role and works to bridge the gap between those in tech and those who aren’t.