• Quikteks Blog
• October 9, 2020

What You Need to Do to Prevent Remote Shadow IT

Shadow IT is as sinister as it sounds. It refers to rogue technology and software that is probably being used in your business, without being vetted or approved. It’s a longstanding problem, even with in-house operations, but it has become an even bigger issue as businesses make more use of remote working. In your business, shadow IT can be dealt with through trust management, good communication and effective staff training.

Shadow IT is a big deal

As the Covid-19 pandemic has swept the world, remote working has become more and more prevalent, as people try to stay safe and prevent the spread of the virus. Working off-site or from home is very new to many people, and without guidelines, workers are often forced to improvise to keep operations on track.

Staff deserve credit for their initiative in finding solutions to new problems, but this can lead to the use of unvetted software. This could mean that, when connecting to the business network, they risk exposing your company’s IT infrastructure to hidden threats.

The good news is that there are a number of ways that you can minimize the risks that shadow IT can pose. At the top of the list is a trusting relationship with your staff and good channels of communication regarding IT resources.

IT and businesses users working together

Mobile solutions, including smartphones and BYOD (bring your own device) have become more and more widespread in business. At the same time, endpoint management solutions have become more critical, as it is recognized how vital it is that businesses keep control of their IT and the ways it is used. This technology can be used to accomplish various important business tasks:

• Installation of applications and updates
• Blocking features and apps that are not essential to the business
• Remote locking or wiping of devices

The key to effective endpoint management is that it needs to be properly run and maintained.

Managing remote devices

When managing devices used for remote working there are various steps to take:

• To start with (if you haven’t already done it), conduct a comprehensive audit of all the devices that you and your staff use for work. That should include not just the devices your company owns, but also personal devices used for remote working. This is essential for effective endpoint management, because it will allow you to analyze who needs remote access to which resources, and how that remote access will be accomplished.
• On the basis of your inventory you will be able to design an access permissions system based on individual roles. The basic principle to follow is the ‘least permissions rule’, with access based on the need to know. This doesn’t have to apply to all your company data, but it should apply to any data that is sensitive and/or confidential. If there’s no reason to limit access, don’t do it, in the interests of inclusivity and open communication with your team on your business operations.
• Clear communication with your team means telling people why it’s important. You probably remember rules that were drummed into us as kids: rules that seemed pointless then because we didn’t appreciate their necessity. Be transparent with your team, in the interests of fostering cooperation that will in turn help to promote safe working. If people understand the measures you’ve put in place then they will be less likely to create their own, possibly unsafe, alternatives when faced with a problem.

The bottom line is that good communication between your IT team and your operational staff is vital, and you the right tools and training can also help avoid problems.

Quikteks can supply the technology you need for safe and productive remote working, and our managed IT services provide ongoing support. To learn more, give us a call at (973) 882-4644.