The Hidden Truth Behind Shadow IT

The Hidden Truth Behind Shadow T Employees are increasingly circumventing corporate IT policies to choose their own applications, thanks to the low cost and easy accessibility of cloud-based Software as a Service (SaaS). But without IT oversight and security policies applied, sensitive corporate data can be left at risk. Businesses must find a way to balance employee choice with asset protection. FIRST, ADMIT IT More than 80%E2 of employees admit to using SaaS applications in their jobs without IT approval Nearly of all SaaS 35% applications used in business are not approved, contributing to Shadow IT IT PROFESSIONALS ARE THE WORST OFFENDERS IT is more likely to use non-approved SaaS 83% 81% VS. IT Non-IT Employees Restrictive policies aren't helping anyone |39% 218% 24% of IT users say of IT users say of all users say Saas applications allow "me to bypass IT processes." IT restrictions on applications make it difficult to do my job. Non-approved software meets their needs better than the IT-approved equivalent. POPULAR APPS ARE RISKY BUSINESS Shadow IT encompasses the most popular SaaS categories FILE-SHARING, BUSINESS SOCIAL MEDIA STORAGE, AND PRODUCTIVITY (including Microsoft Office 365 and Google Apps) (led by Linkedin and Facebook) BACKUP (including Dropbox and Microsoft Skydrive) (15% 12% 11% Used without IT approval or policy applied The most popular apps, approved or not, should not be left unsecured SECURITY EVENTS, APPS USED BY SUCH AS MALWARE ORGANIZATIONS WITH TOP SECURITY EVENTS INFECTION, DATA LOSS, OR OVER 1,000 EMPLOYEES UNAUTHORIZED ACCESS 45% 35% 19% have experienced a security event Use Facebook Infected by malware 40% 17% 27% have experienced a security event Use Google Apps Leaked sensitive data 36% 16% 24% have experienced a security event Use Dropbox Unauthorized access On average 15% of employees have experienced a security, access, or liability event while using SaaS RECOMMENDATIONS Ditch the dictatorship. Don't block popular SaaS applications outright. Employees are often simply trying to get their jobs done. Be inclusive, not exclusive. Provide access to a broad range of apps, giving employees the freedom to select what best meets their needs. Protect employees and corporate data. Implement a security solution that transparently enables secure access to SaaS applications, protects against malware, and prevents data loss. VIEW THE FULL REPORT at mcafee.com/webprotection SOURCE Stratecast | Frost & Sullivan research. SPONSOR: MCAfee, Inc. DEFINITIONS Shadow IT: Employees' use of non-approved Saas applications to do their jobs. SaaS: Software as a Service. Cloud-based applications, accessible via the Internet or other network. © Frost & Sullivan McAfee Stratecast FROST & SULLIV AN An Intel Company