Shadow IT: Risks Associated with SaaS App Usage in SMEs

March 2, 2018 Arctic Wolf Networks

Parallel universes are common in fiction. The novel “Through the Looking-Glass” by Lewis Carroll is a good example, since it features a fantasy realm with links to the “real” world at times, but entirely surreal at others. For instance, Alice enters the alternate dimension by passing through a mirror into a familiar-looking room, only to see that the book of poetry there is written in reversed script requiring that same mirror to read it.

Shadow IT: The Bizarro World of SME technology

In IT environments, the “through-the-looking-glass” phenomenon is subtler, but still disruptive. It is usually coined “shadow IT” and encompasses all applications—but predominantly software-as-a-service (SaaS) programs—used throughout the organization without the approval of the IT department.

Shadow IT is to normal IT operations what the Bizarro World was to Earth in DC Comics: the complete opposite, despite surface similarities. Shadow IT applications are unmonitored and prone to rapid expenditure growth, whereas their traditional counterparts are vetted and also constrained by official budgets.

For SMEs, shadow IT represents an existential threat. The risks are wide ranging, not unlike installing rogue programs to a PC or filling up an Android phone with apps from an unofficial third-party store. The limited wherewithal of many organizations complicates oversight while reducing the overall margin for error if something does go wrong.

Potential dangers of shadow IT include:

1. More frequent and damaging data breaches

A tidal wave of unapproved apps can open the floodgates to a costly data breach.  IT research firm Gartner predicts that by 2020, one-third of all breaches will exploit resources invisible to IT. What’s more, these shadow IT services might also represent the majority all cloud consumption.

One networking vendor estimated that shadow IT is almost ten times the size of known cloud usage. For every 108 verified services, there are 975 that IT doesn’t know about. Shadow IT is like an iceberg, mostly hidden from view, but very dangerous should anything come into contact with it.

2. Unpredictable and burdensome costs

Shadow IT also creates many new direct and indirect costs. Multiple departments could be licensing the same software without knowing it, since IT is out of the loop. Network bandwidth usage might also rise and squeeze out key apps. Distinctive SaaS traffic is particularly problematic for older wide area networks built on pricey MPLS links, which are expensive to scale.

Not to mention that, since shadow IT decisions are made with little planning, users are likely to run into unexpected usability and integration challenges that require help desk attention. Even if shadow IT doesn’t manifest as new expenses on licenses or bandwidth, its effects will be felt in the additional strain on IT’s limited time, including its capabilities in detecting and addressing security events.

Unapproved SaaS apps might be putting data at risk of being breached.Unapproved SaaS apps might be putting data at risk of being breached.

3. Picking the wrong apps

In DC Comics’ Bizarro World, an earthling who encountered a figure looking almost exactly like Batman wouldn’t be meeting Gotham City’s most accomplished superhero, but rather an incompetent doppelganger named Batzarro. For SaaS apps within shadow IT, there’s always a similar risk of buying into something that’s not what you bargained for.

It’s easy to see how this happens. After all, IT often takes its time in evaluating different solutions to understand their potential short- and long-term effects on the entire organization. Individual shadow IT users aren’t so patient. They look for software that fulfills immediate needs, such as sharing a file or setting up a chat. Security implications are barely, if at all, considered. Once the selection proves inadequate, a lot of time and money has been wasted, and a company’s security exposure has been increased.

Shine a Light on Shadow IT with a Security Operations Center

As the name suggests, shadow IT (specifically that of SaaS apps) is fundamentally a problem of limited visibility. Solving it requires a comprehensive network-wide solution like a professionally staffed security operations center (SOC).

Given the components of a SOC—including a security information and event management (SIEM) platform—such a solution has been traditionally out of reach for many SMEs. Fortunately, this is no longer the case. New approaches such as SOC-as-a-service include a fully functional SIEM that’s overseen 24/7/365 by expert security analysts, all within an affordable and predictable annual subscription.

With SOC-as-a-service, SMEs get peace of mind that even subtle anomalies on their networks can be immediately identified and acted upon. The assistance of a trusted partner like AWN cements the reliability of the platform so that it consistently keeps you safe without getting in your way. Find out more here.


Previous Article
Incoming Cyber Risk: How Your Contractors Can Undermine Your Security
Incoming Cyber Risk: How Your Contractors Can Undermine Your Security

When you think about it, it’s not surprising that contractors pose one of the biggest risks to your organiz...

Next Article
How SOC-as-a-Service Solves the SME InfoSec Talent Gap
How SOC-as-a-Service Solves the SME InfoSec Talent Gap

It'll take an entirely new security model for the SME market to get its head above water, and we believe SO...


Get cybersecurity updates delivered to your inbox.

First Name
Last Name
Yes, I’d like to receive marketing emails from Arctic Wolf about solutions of interest to me.
I agree to the Website Terms of Use and Arctic Wolf Privacy Policy.
Thanks for subscribing!
Error - something went wrong!