If you need more evidence that shadow IT is taking hold in enterprises, look no further than the most recent Intel Security Cloud Report.
The headline finding is that roughly 40% of cloud services are bought and used without the involvement of enterprise IT.
We’ve known that shadow IT has been a problem for quite awhile, but I suspect most of us didn’t think its prevalence was quite that high.
Depending on the nature of the data and the apps used by employees and business units, shadow IT can be very risky — or it could add very little risk at all.
For instance, a salesperson putting call notes in Google docs does not present an outrageous risk. But a research scientist putting notes in the public cloud that form the intellectual property behind the company’s next big product presents a significant risk.
The survey also found that:
- 49% of professionals slowed cloud adoption due to a lack of cybersecurity skills
- 65% think shadow IT is interfering with keeping the cloud safe and secure
- 52% indicate a malware infection can be tracked to a cloud application
- 62% store sensitive customer information in the public cloud
“The ‘Cloud First’ strategy is now well and truly ensconced into the architecture of many organizations across the world,” said Raj Samani, EMEA chief technology officer at Intel Security, in a news release. “The desire to move quickly toward cloud computing appears to be on the agenda for most organizations.”
There’s no doubt that the world is running to cloud systems. But these systems don’t secure enterprise apps and data on their own. Sure, the infrastructure and APIs may be reasonably secure — and cloud providers are making tools available to better secure devices — but everything enterprises do and build on these clouds must be kept safe. And, at the very least, enterprise IT needs to have insight into the apps and data that live in the cloud.
While cloud adoption by the IT department may be slowing down due to a lack of skilled cyber workers, employees and business units are not stopping their cloud adoption.
This is creating a challenge for IT departments, to be sure. Currently, only about 47% of enterprises think they have visibility into shadow cloud services. And 65% of IT professionals think shadow IT has made it more difficult to keep their clouds secured.
They’re not wrong.