Q
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

How is cloud data loss prevention changed by shadow IT?

Shadow IT means enterprises are at increasing risk of cloud data loss, but providing employees with comparable file sharing apps can help.

Traditionally, data loss occurred because of accidental deletion of data, or users copying data to USB flash drives...

or hard drives. But cloud data loss is now impacting the data center due to shadow IT -- the unauthorized use by members within an organization of cloud services. It presents a unique challenge; the service is clearly something that users want, so IT needs to provide a controlled version.

The most common shadow IT services that contribute to cloud data loss are cloud-based file sync and share, cloud backup and public cloud-based email. These services are typically used to sync and protect data across their various devices or to provide more convenient access to email. While the use of these services may be legitimate and not intended to be harmful to the organization, it can also lead to data loss.

The first step in addressing cloud data loss due to shadow IT is to offer similar services to users but use solutions that have IT operational controls.

For example, a file sync-and-share product that uses the public cloud is very easy to sign up for to share data across devices and between users. The problem is that sharing occurs without the knowledge of IT. Shares can be set up with other organizations that may be competitors. When a user leaves the organization, the sync may be terminated but all the data that was on their devices stays with them.

The first step in cloud data loss prevention with respect to shadow IT is to offer similar services to users but use solutions that have IT operational controls. The end-user interface needs to be as good as the commercially available programs. At the same time, IT control needs to provide capabilities like notification of external sharing, blocking of certain types of sharing and remote wipe.

The second step is to implement a reporting system that will continuously scan the environment to look for unauthorized use of cloud services. This reporting is essential because it is difficult to block non-supported devices arbitrarily. There may be legitimate use cases, and cloud services appear so quickly it is almost impossible to block them all. Reporting alerts the IT professional to the potential breach and then they can take action from there.

Next Steps

Predicting the future of data loss prevention tools

How data governance is evolving in the world of shadow IT

Three steps to dealing with shadow IT risks

This was last published in September 2015

Dig Deeper on Data storage management

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

2 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

How do you prevent data loss in your cloud storage environment?
Cancel
This is new terminology to me. Why are we calling it shadow IT and why not just keep the nomenclature of data loss? I guess it's an animal unto itself, but if IT and enterprise professionals continue to segment our tools and our methodology, we're going to get lost in the details instead of actually focusing on keeping data safe. Let me say that again so you understand. The sole issue is to: Keep Data Safe. I don't care where it is, how it's shared, where it's accessed. Just keep it safe and let's get over this shadow, Jedi-mind-renaming of data. Thanks! /soapbox.
Cancel

-ADS BY GOOGLE

SearchSolidStateStorage

SearchCloudStorage

SearchDisasterRecovery

SearchDataBackup

Close