While the term may seem ominous, ‘shadow IDs’ are being used in every company everywhere. They were brought into the mainstream when JPMorgan was fined $200 million in December 2021 for allowing its staff to use them.
A shadow ID is a user profile on shadow IT. Shadow IT is simply applications or programs installed and used on company hardware without company consent.
In the case of JPMorgan, it was WhatsApp, installed on staff members’ own devices and used at work to discuss company business.
While this is an extreme example, a fine for employees using their own app on their own devices, it brings to light a common vulnerability in enterprise networks that not everyone is aware of: unsanctioned applications running on the company network that the IT department doesn’t know about.
This can be largely prevented by using user profiles that lack installation privileges, but because portable apps can run from USB or other portable storage, it’s a constant battle to keep a network ‘clean’.
The rise of remote working and the pandemic saw a sharp rise in shadow IT. Existing programs weren’t always up to remote working and approvals were slower than usual.
Plus, remote workers were often granted admin rights to their devices to help troubleshooting.
Both these things contributed to a rise in shadow IT use, which probably continues today even though most of us are returning to the office.
The main challenge with shadow IT is that most network monitoring tools cannot identify it. They are designed to detect malicious code and traffic and won’t always be able to tell whether traffic is from legit IT or shadow IT.
The best strategy is to use education and clear policies to inform staff and managers of the risks.
You can also streamline IT approval processes to make it much easier to use preferred apps legitimately, and use a SaaS solution that provides commonly used shadow IT applications legitimately within your network.
The vast majority of staff would prefer using legit software over apps they know they shouldn’t be using, so this can be very effective at tackling this phenomenon.
Remember, the goal with eliminating shadow IT is to reduce threat vectors and vulnerability, not to prevent staff from using their preferred apps.
Integrate that thinking into your approach and you could drastically reduce the risks presented and secure your network just a little more effectively.