Shadow IT Discovery
The Shadow IT Challenge
Organizations everywhere are moving to the cloud. It makes sense. Companies can be more efficient and individuals can be more productive.
The problem? Most cloud services lack enterprise-grade security, which leaves users, apps, and data vulnerable. Whether IT deploys sanctioned cloud apps, or empowered individuals use unsanctioned “shadow IT” apps, organizations are at significant risk.
When IT is aware of cloud applications, they have the power to do something about the security risk. But when IT has no idea who is using what, the situation is out of control. Most IT organizations lack the visibility to understand the extent of the problem of shadow IT.
Unfortunately, the problem doesn’t end there. Most shadow IT discovery solutions look only at software as a service (SaaS). That just isn’t enough. A shadow IT discovery solution needs to encompass everything from marketplace applications (SaaS) to custom applications (PaaS) to infrastructure (IaaS). And it needs to characterize the behavior of the applications in relation to other services. Otherwise you will be left with dangerous security gaps.
What capabilities must a contemporary Shadow IT discovery solution offer?
Modern shadow IT discovery solutions must include 5 key capabilities.
First and foremost, a Shadow IT discovery solution must offer visibility into all cloud services used by the enterprise. This includes commercially available SaaS, applications installed from app marketplaces, as well as services installed on top of IaaS and PaaS. The visibility should also extend to services that interoperate with other cloud services.
2. Risk Analytics
Application risk scoring based on static characteristics of a particular cloud service offers very little value to the enterprise. A true risk analytics capability based on real-time interaction between the application in question and other cloud services and resources is a must.
3. Automated Access Control
The ability to control access to shadow applications by means of native enforcement through next-generation firewalls, or endpoint agents, is a key requirement of modern Shadow IT discovery solutions.
4. Complete Auditability
Shadow applications could be accessed from anywhere on the network, or from any managed or unmanaged endpoint. The ability to provide a complete audit trail across all of these various enterprise network or endpoint assets is critical to holistic Shadow IT discovery.
5. Integrated Incident Response
Many legacy Shadow IT discovery solutions merely identify the applications, leaving the follow-up actions as manual tasks for the IT staff. Modern Shadow IT discovery solutions must tie into or integrate with the enterprise’s existing incident response processes. Only then can Shadow IT be controlled in real time without undue burden on the IT staff.
“Palerra’s LORIC platform secures our entire cloud service environment, from Box and Office 365 to AWS. To fit our specific needs, the Palerra Consulting Services team integrated LORIC into our existing operations and provided comprehensive insight into the configurations and capabilities of all the cloud services we leverage.”
Senior Director of Security and Infrastructure