Essential Guide

Combat the latest cloud security challenges and risks

A comprehensive collection of articles, videos and more, hand-picked by our editors
Manage Learn to apply best practices and optimize your operations.

Seven cloud security risks that will ruin your day

7/9

Letting shadow IT run amok

Source:  Michael Kloran
Designer: Michael Kloran for TechTarget

Shadow IT, or the unsanctioned use of software and virtual machines, not only wreaks havoc on a company's budget, but also creates serious security holes.

"There are people that go off the reservation all the time," said Justin Franks, lead cloud engineer, Lithium Technologies. Shadow IT forces "traditional IT to turn from a choke point -- or centralized management or security stance -- to a watchdog stance," he added. But rogue IT installments aren't necessarily malicious in nature. Often, corporate IT doesn't provision something fast enough, so developers fire up VMs outside of sanctioned cloud providers, creating back doors for accessing internal systems.

While finding those unsanctioned VMs isn't easy, it is getting easier. The first line of defense is to create policies against spinning up unsanctioned cloud services. The next step is to prepare for users to break those policies.

To gain visibility, IT teams use third-party tools such as ThousandEyes, Sumo Logic, Datadog and CloudPassage to monitor applications and analyze outbound firewall logs, or build their own agents to give them "eyes and ears everywhere," Franks said.

But these tools aren't in place to block developers from what they're doing, said Jim Reavis, co-founder of the Cloud Security Alliance. "These are people who are innovating," he added. "It's a matter of understanding what they're trying to do and helping them do it in a more secure way."

View All Photo Stories

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchServerVirtualization

SearchVMware

SearchVirtualDesktop

SearchAWS

SearchDataCenter

SearchWindowsServer

SearchCRM

Close