Shining a Light on Shadow IT and Taking Back Control of the Cloud

In the beginning there was the firewall . . .

Several years back, organizations did not even think about users signing up for their own applications. This is because each application required access to resources that were beyond their control. Storage, compute, and network configurations were all IT’s domain and so IT needed to be consulted before a new installation could take place.

Now? Users can simply enter their credit card number into an easy-to-use portal and almost instantly have a usable product. This may be a well-established application, one with security that surpasses your own data center. However, it could also be an application hosted in someone’s basement, a person who thinks “Security by Obscurity” is adequate protection.

Taken to the extreme, users could even spin up their own infrastructure to support nearly any in-house developed application!

Why do users feel the need to strike out on their own in search of applications?

• IT can’t move fast enough due to legacy processes, software and hardware
• A lack of comfort or training (or desired features) in terms of the solution IT offers
• New users or users brought in under an acquisition might have their own products

As organizations grow, the number of applications that lurk in the shadows can balloon quickly. Traditional IT methods are not fast enough to keep up. Thankfully there is a solution that can light up the shadows and expose the risks that come with each application that is in use in your organization.

Bring technology back under IT’s control

Microsoft Cloud App Security integrates with your firewall to ingest and analyze communication between your users and their applications. It then processes that data against a library of over 14,000 known cloud apps to determine business, security, and compliance risks associated with the apps that have been detected.

 

Using this data, IT can quickly identify users and applications that are introducing risk into the organization. Applications can be evaluated against IT policies and approved for use if they stack up. If not, alternative applications, with better security controls, can be suggested.

The cloud app catalog can be used to find suitable replacements for applications that do not meet your requirements. You can apply filters for compliance, security risk, and general information such as headquarter location to select applications that you are comfortable with.

Now that you are in control, it is important to keep on top of it. Cloud App Security gives you the ability to define alerting rules that will notify you when new applications are discovered. You can also filter them so that only high risk applications are brought to the attention of the IT team. Now IT can concentrate on giving users the tools they need without allowing additional risk to creep in.

Gain a partner in the effort to prevent Shadow IT

It doesn’t stop there, Cloud App Security can be used for so much more, including data loss prevention, file management, sharing management, and in depth behavioral analysis. If you would like to see any of this in action, Arraya Solutions’ Microsoft and Cloud team is ready to guide your organization through a live demo or pilot.

To schedule some time with our team, or to learn more about this or any of our cloud and security solutions, visit: www.arrayasolutions.com/contact-us/. To leave us a comment or question based on this post, check us out on social media: LinkedIn, Twitter, and Facebook.