Controlling Shadow IT Projects

Security teams have their work cut out for them. As the application and IT environment become more complex, the adoption of DevOps and container technologies, like Docker, create the need for more frequent change.

Attackers have grown more sophisticated in their attacks and more adept at attacking soft targets, like poorly managed IoT devices. According to Symantec’s 2019 Internet Security Threat Report, IoT devices experience an average of over 5,000 attacks each month, with routers and connected cameras accounting for over 90% of the attacks.

While understaffed teams struggle to secure the environment they manage and control, additional risk comes from IT projects launched by others in their organizations without the knowledge or supervision of IT. “Shadow IT” projects include unapproved software, web applications, servers, IoT devices, and services run by marketing, engineering, and other functional areas of the organization.

Download the PDF