Shadow IT dogs the enterprise, delights hackers

Every enterprise's networks are hosting hundreds of devices, many of which have no security oversight.
15 May 2018

Employees bring their own device. Does that compromise your network and make you vulnerable? Source: Shutterstock

A new study published by network management organization, Infoblox, shows that today’s enterprise networks are hosting a good deal more devices than IT management either know about or know how to deal with.

The presence of these “extra” devices on a company’s networks is what is known today as “shadow IT,” and is the 2018 manifestation of BYOD (bring your own device) policies in place in many organizations.

While the study shows that 82 percent of organizations have a security policy in place for connected devices brought in from outside the enterprise, IT directors appear not to know with any degree of accuracy how effective their policies are.

Eighty-eight percent of IT leaders who responded to the survey, claimed their security policies were either very effective or, effective. Yet nearly 25 percent of employees in the US and the UK did not know if their employer had a security policy pertaining to networked devices at all.

The bottom line is that enterprise staff are bringing in and using their own devices, and either don’t know that security policies are in place to at least monitor this type of use or simply don’t care.

In fact, 20 percent of respondents in the UK said that if their organization did have a security policy for connected devices, they rarely, or never, followed by its edicts and only 20% of respondents in the entirety of the report said that they adhere to any shadow IT security policy by the book.

The most common devices found on networks include fitness trackers, at 49 percent, digital assistants such as Amazon’s Alexa devices at 47 percent, smart TVs at 46 percent and games consoles such as PS4s at 30 percent – in companies’ R&R areas, we would hope.

There was also a sizeable contingent of smart domestic appliances in office kitchens, such as connected kettles or microwaves (33 percent of respondents)

BYOD has become an accepted part of business practice in all but the smallest number of cases, with the personal smartphone the most commonly used device on the company’s network.

Most employees in the US and the UK admit to using the LAN for a variety of reasons, including downloading apps, games, and movies, as well as catching up on social media (39 percent of respondents).

While seemingly innocuous, other than a potential waste of paid-for time, these types of practices open the enterprise up to a wider attack vector, from phishing, malware downloads, and social engineering attacks.

Tracking and protecting the ever-shifting sands of network endpoints is one of the most significant challenges for any IT security department, an issue highlighted by Gary Cox, technology director, Western Europe at Infoblox:

Due to the poor security levels of many consumer and IoT devices, there is a very real threat posed by those operating under the radar of organizations’ traditional security policies. These devices present a weak entry point for cybercriminals into the network, and a serious security risk to the company.
Networks need to be a frontline defence; second only to having good end-user education and appropriate security policies. Gaining full visibility into all connected devices, whether on-premise or while roaming, as well as using intelligent DNS solutions to detect anomalous and potentially malicious communications to and from the network, can help security teams to detect and stop cybercriminals in their tracks.

The full report, entitled “What’s lurking on your network: Exposing the threat of shadow devices” including recommendations on remediation, can be found on the Infoblox website.