Tackling Shadow IT Through a Modern CAASM and SaaS Approach


By Kathleen Ohlson

How can you protect — and manage — what you can't see?

It's one of the most challenging tasks IT and security professionals tackle every day. And it's especially true when it comes to shadow IT.

Shadow IT is costly to organizations. For large enterprises, Gartner reports that 30% to 40% of IT spending goes to shadow IT. And because of the increase in remote work, the scale of shadow IT has skyrocketed.

The consequences of shadow IT

Employees aren't waiting around for permission to add another virtual server, SaaS application, or whatever else they need. For them, all it takes is a credit card to create an account.

Forty-six percent of IT leaders reported that the purchase of non-sanctioned software "makes it impossible" to protect all of their organization's data, systems, and applications all the time, according to "Perception Gaps in Cyber Resilience: Where Are Your Blind Spots", a survey conducted by Forbes and IBM.

As the risks grow, so do the chances for cybersecurity breaches. In fact, the Forbes and IBM survey found one in five organizations have experienced a cyber event that was caused by a non-sanctioned IT resource.

A modern, holistic way to control shadow IT

How can IT and security professionals get comprehensive visibility?

The first way is through cyber asset attack surface management (CAASM).

Inventorying, managing, and securing assets — workstations, cloud services, software, and user accounts — is critical to understand what's happening in an organization's attack surface.

But asset inventory is time-consuming, especially when it comes to compiling it manually. And traditional approaches don't provide an understanding of shadow IT in a company's infrastructure.

Cybersecurity asset management platforms are an important factor in a comprehensive asset inventory. These platforms track all devices, cloud services, software, and users no matter where they're located, or their uptime or power state.

Platforms like Axonius do this by leveraging an organization's existing data. They allow teams to continually conduct up-to-date inventories in real time. These platforms provide IT and security professionals with the ability to automatically discover security gaps and customize triggered actions when an asset or user deviates from policies and procedures.

All this helps control shadow IT, too.

The other way is via SaaS management.

SaaS management solutions like Axonius connect all the layers of a SaaS stack, discovering known and unknown applications. IT and security professionals get complete and actionable visibility into all data types and interconnectivity flows. That means they've got visibility into the entire SaaS stack, like understanding what these apps are used for and who's using them, finding redundant applications, and streamlining SaaS compliance reporting.

The top SaaS management solutions help mitigate security issues, like misconfiguration risks and suspicious behaviour, that expose sensitive customer and business data.

The cybersecurity asset management and SaaS management solutions work in combination, initiate all these actions in the background, and provide a single source of truth so security and IT professionals can focus on more proactive and preventative measures.
