September 10, 2019

A tale of coping with shadow IT

by Abhay Wadhwa in EMS, Office365

Let’s take a sneak peek at an interesting situation that is quite common in organisations today:

You have a Business Development Manager by the name of Utkarsh. Utkarsh is working on an account that the potential to land a one hundred-thousand-dollar deal. Utkarsh is preparing a proposal for the account at home but is unable to do so because he does not have a USB to copy content over. Utkarsh goes on to install Dropbox over his computer and copy his content over to Dropbox to get the job done.

Now looking over the above situation, three things are clear:

  1. Utkarsh is a hard-working employee.
  2. Utkarsh is trying to make his work easier.
  3. Utkarsh has shared data over to popular and well-respected company’s software.

Now Dropbox is a great service and many organisations use it to share their data among employees using it. But in the above situation, Utkarsh’s use of Dropbox has given rise to an unnecessary cloud vulnerability. This vulnerability can be exploited by cybercriminals to gain access to your valuable data.

This is because in this situation Utkarsh did not add Dropbox in the organisation’s IT infrastructure with the IT department’s permission. Therefore, Dropbox is now Shadow IT. Now nobody knows Dropbox has been added to your infrastructure, therefore no one is examining how secure that application is. And most importantly, nobody is aware that corporate data is being shared over it.

Sadly, this is a very common occurrence.


Mismo has seen a lot of similar security loopholes within organisations. With the rise of Software as a Service (SaaS) applications, like Salesforce, Mailchimp, Zendesk, Google Drive, Dropbox; it has become hard to keep a control over data that is making its way out of the organisation’s hands. The sadder part is that employees are just trying to make their work easier and do their job by using these applications that the organisation is not aware of and the employees do not understand what the consequences of using these applications can be. This is known as Shadow IT.

Mismo has over the years tried to come up with solutions to overcome the problems that shadow IT creates. What Mismo found out was that Microsoft’s Cloud App Security is the best way to deal with it. Microsoft’s cloud app security comes with Azure Active Directory Premium. It gives visibility into what are the cloud applications that are being used in your organisation.

Microsoft Cloud App Security

Microsoft Cloud App Security helps you to utilise cloud applications fully and not compromising on security by providing visibility and control over your organisation’s data travel so that you can combat with cyber threats.

Cloud app security helps to:

  • Discover and control the use of Shadow IT
  • Protect your sensitive information anywhere in the cloud
  • Protect against cyberthreats and anomalies
  • Assess the compliance of your cloud apps

A look at what Cloud App Security does:

  • Firstly, it does shadow IT reporting. It maps and identifies your cloud environment and the cloud applications running on it.
  • It will help to your data in the cloud to be monitored and controlled.
  • It helps you to sanction and unsanction cloud application that are running in your IT environment. Cloud app security has ranked almost 16000 applications. You can see the risk associated with all those cloud services.
  • It also helps to detect behaviour by employees which is not typical of them. So, you get notified in case of potent ion security exploitations.
  • Cloud App Security will itself help you to set, revise and recommend best policies.

So, by running Microsoft Cloud App Security in your organization, you can create a snapshot of the Cloud apps that your organization is using and gain valuable insight into what Shadow IT could be residing within your environment. Plus, Microsoft Cloud App Security will also provide you with a rank of how secure each of your Cloud apps are, and even create policies that can help define your user’s behaviour in the Cloud, such as detecting risky behaviour, limiting downloads, setting rules that force data being stored in the Cloud to be encrypted in transit, and more.

Leave a Reply

Your email address will not be published. Required fields are marked *

× How can I help you?