SHADOW IT TO SHADOW PRODUCTIVITY: THE END-USER THREAT - Triangle Computer Services

I’M YOUR TYPICAL MILLENNIAL EMPLOYEE…

 

with unparalleled access to applications that will enable me to do my work quicker and to a higher standard. Google Docs, Prezi, Screenshots… The majority of those applications my IT department have no control over.

 

When I first entered the world of IT – I heard about shadow IT in the context of massive AWS bills coming through the door. My first thought was ‘that’s fair enough’. Developers are under massive pressure to get product out the door- to them that’s the most important thing.

 

But of course MASSIVE security concerns….

 

Now I have entered the world of the end user, it seems many are taking the same approach and I’m the biggest culprit! Let’s face it, when you’re comfortable doing things a certain way – when you will get away with doing it – you will. It’s not a malicious thing, we’re just busy people who want to hit deadlines and reach targets. Which is what an organisation likes to hear.

 

But again, MASSIVE security concerns….

 

And it isn’t just technology, it can be as simple as printing sensitive documents and losing them, or using pen and paper opposed to a CRM! So maybe it’s about rethinking our approach to end-user security. No longer can we throw technology at people and expect them to use it. Technology today is built for the end-user, organisations need to be thinking the same way.

 

I heard someone speak about the future of security. Namely how organisations should be thinking about security in light of such massive growth and innovation in the malware and ransomware space. Your organisation WILL be attacked – what do you do about it when it happens? It can have a small or monumental impact, it’s your policies and procedures that will determine that.

 

pin unlock

 

So taking that premise into our context in the end-user world, what does that mean?

  • Someone will leave a laptop on the bus…
  • Someone won’t put a pin on their device…
  • Someone will copy and paste sensitive data into a 3rd party app….

 

These are the end user threats. We must assume that the rules will be broken and mistakes will be made. It’s human nature! It’s about having policies and procedures built with the user in mind for if and when that happens.

 

In most organisations you have throngs of new tech-savvy individuals entering the workforce. With the economy growing and competition for talent heating up- it’s important to think like they do. Let’s face it, most of this shadow use of productivity apps will never have a real negative impact.

 

But, will it take a massive data leakage for the business to take notice?