Gartner has predicted that 33% of attacks experienced by enterprises will be as a result of shadow IT resources by 2018. These ‘digital’ shadow IT assets provide the functionality website visitors expect (video, images, social, reviews, customer id, etc.) as well as enable more efficient management of digital property (CMS, DMP, analytics, etc.) The problem is that this code may also contain malware, but website IT would never see it. Chris Olson, CEO at The Media Trust commented below.
“With GDPR around the corner, IT departments need to assess the risks present in their Digital Shadow IT–the undocumented third parties executing in their website environment. These vendors provide specialized services–data management platforms, image or video hosting, marketing analytics, content delivery, customer identification, payment processing, etc.–which operate outside the IT infrastructure. How can IT control something they can’t see? GDPR will prove to be a watershed moment for digital businesses. When enterprises realize they have no control or insight into the code executing in their websites, security teams will be forced to clamp down on the third-party vendors currently used to render consumer-facing content.”
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.