You Can’t Defend IT Hidden in the Shadows

You can’t secure and protect devices or data you aren’t even aware of. It’s a simple premise, but one that has become more and more relevant in recent years. It’s challenging enough to just keep up with identifying, managing, and resolving the vulnerabilities you know about, but it’s crucial to be able to detect and identify those unknown and shadow IT assets as well.

You can’t secure and protect devices or data you aren’t even aware of

The explosion of mobile devices, cloud services, and virtualization tools make it very easy for employees to connect to and use unauthorized technologies that IT is not aware of. All of your effort to manage vulnerabilities and protect the network can be undone by one attacker exploiting a vulnerability on an unknown device or service connected to your network. When users introduce technologies and applications without IT consent, they expose the company to unnecessary risk and handicap IT’s ability to effectively protect the network.

Lurking in the shadows

You can’t be confident in your security posture if you can’t be sure you’re identifying and remediating vulnerabilities in all of the devices and applications on your network. You might achieve some false sense of security by checking a box for resolving the vulnerabilities you’re aware of, but shadow IT can still leave you weak and defenseless.

Unknown mobile devices on your network expose you to significant risk. A report from the end of 2015 found that an average mobile app has nine vulnerabilities—and more than a third of those are critical or high vulnerabilities. The report revealed that more than a quarter of the mobile app vulnerabilities result in personal or sensitive information leakage, and nearly a quarter are related to authentication and authorization.

An average mobile app has nine vulnerabilities

Another place where risk lurks in the shadows is with cloud services and virtualization. Users just sign up for services like Dropbox or an unsanctioned CRM tool, and with the push of a button your network and data are exposed to vulnerabilities you don’t know about. Cloud providers average 18 vulnerabilities per asset. It takes on average 103 days for a typical organization to remediate a security vulnerability. Cloud providers are faster than many other industries when it comes to addressing vulnerabilities, but whether it’s 30 days or 300 days you can’t address or mitigate the risk because you don’t even know you’re exposed.

Turn on the lights

There’s a Chinese proverb that goes, “Better to light a candle than to curse the darkness.” You don’t need to fear unknown and shadow IT. You just need to accept that it exists and have the right tools in place to deal with it.

The traditional approach to vulnerability management isn’t good enough. Conducting periodic scans only provides a snapshot in time. The scan may not identify new or unknown assets. Even if it does, it will miss devices and services that are not connected or enabled at the time of the scan, leaving you exposed again until the next periodic scan.

Conducting periodic scans only provides a snapshot in time

Tenable SecurityCenter Continuous View™ (CV) provides comprehensive visibility of all assets on your network. SecurityCenter CV™ enables you to detect and identify transient laptops, personal mobile devices, and rogue cloud applications. It combines active and passive monitoring tools to detect unknown devices and applications, and identify associated vulnerabilities so that shadow IT doesn’t expose you to unknown risk.

Unknown assets and shadow IT are part of today’s IT reality. You need to make sure you have policies and tools in place to ensure you have complete visibility combined with relevant context so you can take decisive action to protect your network and data.

For more information, read about Tenable’s Unknown and Shadow Assets solution. And watch the Tenable Blog this month for more articles about Shadow IT.