Centrify Cloud Expo Europe poll shines light on shadow IT
More than two-thirds (67 per cent) of organisations admit that unauthorised cloud applications are being implemented without IT’s knowledge or involvement, and correspondingly pose a security risk to the business. This is according to a snapshot poll by Centrify, the leader in unified identity management across cloud, mobile and data centre, at Cloud Expo Europe last week in London.
As Shadow IT becomes a bigger challenge for businesses – with employees downloading applications without going through a formal IT procurement process – around 40 per cent of respondents said that between 10-20 per cent of Cloud services are now being purchased outside of IT. A fifth admitted that between 10-20 per cent of cloud applications are being implemented without any knowledge or involvement from IT, while half of respondents believed it was less than 10 per cent.
“It probably seems like an easy solution for people looking to cut corners and avoid having to go through the formal process of getting IT approval,” says Barry Scott, CTO EMEA at Centrify. “The problem is that so much cloud-based software is easily available and requires no IT skills whatsoever to manage, so staff are just downloading the tools they like or that will help in their work, without considering the risks.
“While half of our poll respondents were confident that less than 10 per cent of applications were being implemented without their knowledge, they are likely to be underestimating the extent of shadow IT in their organisation. Without the necessary controls and security policies in place, including passwords and authentication, unauthorised cloud apps are opening up corporate data to the risk of compromise,” Adds Scott.
Visitors to the Centrify stand at Cloud Expo were also asked to estimate how much time they spend managing unauthorised cloud applications – 42 per cent said between 1-2 hours per week, while 21 per cent said between 2-5 hours per week.
About Centrify
Centrify provides unified identity management across data center, cloud and mobile environments that deliver a single sign-on (SSO) for users and a simplified identity infrastructure for IT. Centrify’s unified identity management software and cloud-based Identity-as-a-Service (IDaaS) solutions leverage an organization’s existing identity infrastructure to enable single sign-on, multi-factor authentication, privileged identity management, auditing for compliance and mobile device management. Centrify customers can typically reduce their total cost of identity management and compliance by more than 50 percent, while improving business agility and overall security. Centrify is used by more than 5,000 customers worldwide, including nearly half of the Fortune 50 and more than 60 Federal agencies.
For more information, please visit http://www.centrify.com/.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.