What’s Up With Shadow IT?

Sounds cool; is not cool.

So you’ve got a document you need to send to your accountant yesterday… but the file’s too big to attach in an email. What’s there to do?

The correct answer is to contact your IT team (us!) so we can assist by installing a secure, commercial-grade file-sharing application, or show you some alternative methods you may already have available with Office 365.

What not to do? Downloading a free copy of Dropbox or other file-sharing software without notifying anyone.

“Shadow IT” describes applications installed by employees as workarounds, without notifying the IT department or provider. These applications come with a hefty price: security.

If we don’t know about a program, it can cause gaps in the management or security of your systems and leads to massive frustration if an employee leaves a position with important files stored in personal cloud storage.

The best way to reduce the risks of shadow IT? Provide tools for file sharing, and education on how to use them. For most documents, sharing a secure link through Office 365 (on Word, PowerPoint, Excel, or through OneDrive) is a great, easy, and secure choice.

In The News

More shadow IT. Avoid using AI extensions like Claude’s plugin for now–sites can sometimes inject code into them without your knowledge, posing a big security risk. Ars Technica: Malicious websites can embed invisible commands that AI agents will follow blindly.

M&S hackers claimed to be behind Jaguar Land Rover cyberattack. “The carmaker’s operations were ‘severely disrupted’ as hackers linked to Scattered Spider claimed access to its network.” (From The Times)

Questions on managing shadow IT risks? We can help. Call us at (309) 689-3900.

P.S. If you enjoy Cyber Treats, please forward it to a friend! If someone shared this with you, welcome to the club! These tips land in inboxes every two weeks–sign up here.