ChatGPT has bigger implications for your business' security – opinion

Employees using AI technologies without IT department oversight is a risk for businesses' security.

ChatGPT direct entry. (photo credit: OpenAI)

In an era in which technology is the foundation of every organization’s operations, the adoption of new technologies is crucial for growth and market competition. However, one of the greatest threats that has emerged from the increased use of technology is the phenomenon of Shadow IT. So, what is Shadow IT, and how should we address it? 

Shadow IT refers to the use of technologies, software, and cloud services within an organization without the approval or oversight of the organizational IT department. Simply put, it involves tools that employees choose to use to solve everyday problems without understanding the broader implications for the organization’s information security and compliance.

This phenomenon, no longer rare, creates serious risks for the organization, particularly concerning information security and data leaks.

A recent amendment to the Privacy Protection Act in Israel, passed by the Knesset, includes significant changes. Among other things, the amendment expands the definition of private information, aligning it with the broader definitions in European law, and allows for hefty fines on companies that violate privacy laws and information security regulations.

The combination of the increase in Shadow IT usage and the stricter regulations in the country necessitates that organizations place a special emphasis on the management and control of their information systems to avoid severe economic and legal consequences.

AI (Artificial Intelligence) letters and robot hand miniature in this illustration taken, June 23, 2023. (credit: REUTERS/DADO RUVIC/ILLUSTRATION/FILE PHOTO)

ChatGPT and risks

One tool that has become particularly popular in organizations is ChatGPT, which allows employees to perform a wide range of tasks, from writing code to creating marketing content, without the need for formal approval. 

The use of ChatGPT itself is not problematic, but when it enters the organization without the IT department’s knowledge, it can expose the organization to serious security risks.

Another example of Shadow IT is the presence of “dormant” servers connected to the organizational network but not actively used or properly managed. These servers, which are not updated or maintained, can become vulnerabilities within the organization. In such cases, dormant servers can serve as “back doors” through which attackers can penetrate the organizational network and exploit existing security gaps.

Additionally, the installation of software by employees without the approval or knowledge of the IT department also poses a risk. These installations, which may seem harmless, can open the door to cyberattacks, cause incompatibility with other systems, or expose the organization to breaches of sensitive information.


The primary risks in this regard are information security and data leaks. When employees use ChatGPT to create code, write documents, or perform data analysis, they may input sensitive information, such as customer data, business plans, or financial information. If this information is stored or processed by external tools that are not monitored, it becomes particularly vulnerable to leaks and cyberattacks.

A classic case that I often hear about is the use of ChatGPT to write SQL queries or scan data from databases. If this query passes through an external service without adequate encryption or protection, the data can leak out – with all the severe consequences that accompany it.
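The leak the two paragraphs above describe happens at the moment the prompt leaves the organization. As an added illustration (not code from the article or from Faddom), the following Python screen checks text bound for an external AI service for customer emails, payment card numbers and confidentiality markers, and returns a redacted copy together with the findings so a gateway or browser plug-in can block or rewrite the request. The patterns and the sample prompt are constructed for the example and are not a complete DLP rule set.

```python
import re
from dataclasses import dataclass, field

# Constructed detection rules for a hypothetical egress screen.
PATTERNS = {
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    "card_number": re.compile(r"\b(?:\d[ -]?){13,19}\b"),
    "api_key": re.compile(r"\b(?:sk|key)[_-][A-Za-z0-9]{16,}\b"),
}
CONFIDENTIAL_MARKERS = ("confidential", "internal only", "do not distribute")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: keeps ticket numbers and other digit runs from being flagged as cards."""
    total, parity = 0, len(digits) % 2
    for i, ch in enumerate(digits):
        d = int(ch)
        if i % 2 == parity:          # double every second digit counted from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


@dataclass
class ScreenResult:
    redacted: str                       # prompt with detected values masked
    findings: list = field(default_factory=list)

    @property
    def blocked(self) -> bool:
        return bool(self.findings)


def screen_prompt(text: str) -> ScreenResult:
    """Return the redacted prompt and the kinds of sensitive data found in it."""
    findings, redacted = [], text
    for kind, pattern in PATTERNS.items():
        for match in pattern.finditer(text):
            value = match.group(0).strip()
            if kind == "card_number" and not luhn_ok(re.sub(r"\D", "", value)):
                continue                # digit run that is not a valid card number
            findings.append(kind)
            redacted = redacted.replace(value, f"[{kind.upper()} REDACTED]")
    lowered = text.lower()
    findings.extend(f"marker:{m}" for m in CONFIDENTIAL_MARKERS if m in lowered)
    return ScreenResult(redacted, findings)
```

A blocked result can be logged as a Shadow IT indicator in its own right: it shows which teams are routing organizational data through tools the IT department never approved.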

The solution to the Shadow IT phenomenon is not necessarily a complete ban on the use of new technologies. Instead, organizations should develop a flexible policy that allows employees to utilize advanced technologies in a controlled and secure manner.

Employees must understand the risks of using external technologies without approval, and the organization must maintain information security through proactive monitoring and control of its IT servers, as well as by adopting advanced technological solutions for management and control.

Key steps

One of the key steps is to use advanced technologies that enable automatic mapping and monitoring of all systems and servers in the organization, including those not directly managed by the IT department.

These technologies can map all the servers and systems in the organization within a short time and offer a comprehensive view of all digital assets, including those that entered the organization without official approval. This allows for the quick identification of tools and services in use and the tracking of their activities, enabling the organization to identify potential risks and respond in real time to any threats to information security.

These technologies help ensure that all sensitive data is handled according to the organization’s security policies and regulatory requirements while maintaining full transparency regarding the use of external technologies. Through automatic monitoring and mapping, the organization can effectively protect its information and reduce the risks associated with Shadow IT.

The writer is a co-founder of Faddom, a company that manages a platform for mapping and documenting IT infrastructure, serving some of Israel’s largest business companies such as the Bank of Israel, Clal Insurance, Shufersal, SolarEdge, and more.