Rogue IT: Your data might be leaking
In his first column for AccountingWEB, cybersecurity expert Adam Harling looks at 'Rogue IT', and how your business could be at risk without you even realising it.
Simply put “Rogue IT” is the use of unauthorised technology in an organisation. In days gone by this was usually quite simple and often innocuous.
For example, your creatives storing images and assets on a portable hard disk they privately purchased, a team sharing files on local PCs to bypass all the security requirements imposed by IT to create a share on a server, or in extreme cases perhaps a network-attached storage device connected and storing the files for a department with a tech-savvy team member.
While these actions were not ideal and often had all sorts of backup and security implications, they were at least physical, easy to detect and behind the perimeter firewall. Enter the tech-savvy workforce and the death of physical media.
With large scale adoption of cloud file sharing, and just about everyone in the workplace now not only comfortable with adopting new technology, but also often keen to work quickly and fully aware that they can achieve the result they need by simply bypassing IT approval, we have a real problem.
Once your IT team lose control of the location of data, they lose the ability to secure it, the ability to back it up and monitor it.
The most common way we see data leaking is via unsanctioned and unmonitored cloud file-sharing platforms. It’s not the choice of platform that’s the issues, it’s that if it is used to store your data, it needs to be managed.
A worked example might start out innocently enough. Our keen team member needs to work on the Q3 forecast from home, the file gets transferred to a personal cloud storage account, so the file can be opened from the home PC – and there we have it, in that simple innocent action your data is in the wild and at risk.
Should that account be breached, your IT team have no control over the passwords or security policies in place on this account
Should that employee leave the organisation, your IT team have no way of removing access to that data
Should the file contain critical data and be lost or corrupted, you likely have no route to a backup
The file could be shared with anyone and everyone, inside or outside your organisation, even your competition, your IT team will have zero visibility
What can we do about this issue? Thankfully there are some technologies available that can help, often called “DLP” or Data Loss Prevention.
This technology allows alerts or restrictions on the movement of data. It can detect sensitive information and prevent it leaving a network or storage platform.
DLP technology can be found in many modern “UTM” firewalls such as the WatchGuard M series, configured correctly they can be a great aid in keeping your data inside the network.
Microsoft also offers DLP features as part of the Microsoft 365 platform, this can be an involved project to implement but offers probably the most complete technology solution.
As always, we also need to look at people and process. Make sanctioned tools available to your team. If remote working is required, have a policy and toolset in place before your users “go rogue” and circumvent your IT.
Make it easy for your users to request tools from your IT team, try to remove barriers for adopting new technologies, and should a tool not be sanctioned ensure your users know why.
Have a robust personal device policy in place, and if you choose to adopt “BYOD” (Bring Your Own Device), ensure you take advantages of MAM (Mobile Application Management) that allows sandboxed access to company data on personally owned devices.
So, have you got a rogue? Is your data out of your network and out of control?