Over the past decade, businesses have increasingly supported a Bring Your Own Device (BYOD) policy. Citing convenience and a better experience for employees as their motivation, research estimates that up to 80% of organizations have adopted a BYOD-friendly policy. In recent years, Bring Your Own App (BYOA) is increasingly popular, too, allowing employees to use SaaS apps that they’ve discovered themselves, in addition to the apps provided and approved by IT.
With many organizations now suddenly working remote full-time, BYOD and BYOA is inevitable. Many workplaces don’t have a choice, as company-issued laptops or phone systems may be difficult to distribute – whether due to budget, manpower, or resource challenges. So, more employees are using personal laptops and smartphones to do their work. But the dark side of this new norm means an existing problem – shadow IT – is now exponentially worse.
The dangers of shadow IT
Shadow IT refers to the devices and applications introduced into a workplace that are not managed by the IT department, whether an employee is working in the office or working remote.
Typically, any software or hardware in a business is first vetted by the IT team. They do routine testing to evaluate the user experience and security before making a purchase. IT teams are trained in how to use the software or device in question, so they can provide support to any employees who encounter problems. And importantly, they can ensure that the company is reducing any risk of breach from third-party services.
But when remote employees work from personal laptops, send emails on personal smartphones, and check out new apps to help them do their job, all on an unsecured WiFi network, a company’s risk level significantly rises. IT is left scrambling to get insight into all access points in the business and make sure the proper security measures are in place to prevent cyberattacks and data breaches. But, getting insight into every access point is almost impossible when there are apps and devices in use that IT doesn’t even know are there.
Control shadow IT with a centralized access solution
We may be dealing with unprecedented times, but that doesn’t mean IT can’t get control of shadow IT in their organization. The same rules apply. When building your IAM strategy for remote work you need a plan and the right tools to address shadow IT.
The two main challenges of shadow IT – lack of visibility, and increased security risk – are best addressed with a centralized solution that manages access to every application and device. No matter what employees are using to do their work – IT approved or not – the right solution will ensure those connections are as secure as possible.
Password management makes strong password policies enforceable, and easy for employees to comply with. By giving employees convenient storage for every password in use, IT can gain oversight of password security across the organization and gain control over every device and app brought into the organization.
It also means gaining control over employee access. Single sign-on enables IT to provision access to employees from one centralized portal for complete control over which employees can access what. Employees can authenticate into their work without having to type a password, while IT maintains control over access to help reduce the risk of shadow IT.
A centralized solution that combines password management and single sign-on ensures that all access points – those managed by IT, and those they don’t know about – are accounted for and protected. With a holistic access solution, IT gains oversight of employee password security, access behaviors, and devices in use with the visibility needed to identify risks coupled with the control to mitigate those risks.