Discovering Unmanaged Assets In Your Cloud Environment – Chuck Leaver

Written By Logan Gilbert And Presented By Chuck Leaver

 

We all identify with the vision of the masked bad guy bending over his computer late in the evening – accessing a corporate network, stealing valuable data, vanishing without a trace. We personify the opponent as smart, determined, and crafty. But the truth is the vast majority of attacks are made possible by easy human carelessness or recklessness – making the job of the cyber criminal an easy one. He’s inspecting all the doors and windows continuously. All it takes is one error on your part and hegets in.

Exactly what do we do? Well, you know the answer. We invest a large portion of our IT budget plan on security defense-in-depth systems – designed to identify, trick, fool, or outright obstruct the bad guys. Let’s park the discourse on whether or not we are winning that war. Since there is a far easier war taking place – the one where the opponent enters your network, business crucial application, or IP/PPI data through a vector you didn’t even comprehend you had – the asset that is unmanaged – often described as Shadow IT.

Believe this is not your company? A current research study recommends the average business has 841 cloud apps in use. Surprisingly, most IT executives believe the variety of cloud apps in use by their organization is around 30-40 – suggesting they are incorrect by an element of 20 times. The very same report highlights that over 98% of cloud apps are not GDPR prepared, and 95% of enterprise class cloud apps are not SOC 2 ready.

Defining Unmanaged Assets/Shadow IT

Shadow IT is defined as any SaaS application utilized – by workers, departments, or whole company units – without the comprehension or authorization of the business’s IT department. And, the introduction of ‘everything as a service’ has made it even easier for workers to access whatever software they feel is needed to make them more productive.

The Effect

Well-intentioned employees normally do not understand they’re breaking business guidelines by activating a new server instance, or downloading unauthorized apps or software offerings. However, it happens. When it does, three problems can emerge:

1. Corporate standards within a company are compromised since unauthorized software applications means each computer system has different capabilities.

2. Rogue software often comes with security defects, putting the whole network at risk and making it much more tough for IT to handle security risk.

3. Asset blind spots not only drive up security and compliance threats, they can increase legal dangers. Information retention policies developed to restrict legal liability are being compromised with details stored on unapproved cloud assets.

Three Key Considerations for Dealing With Unmanaged Asset Risk

1. Initially, release tools that can offer extensive visibility into all cloud assets- managed and unmanaged. Know what brand-new virtual machines have actually been triggered this week, along with exactly what other devices and applications with which each VM instance is communicating.

2. Second, ensure your tooling can offer constant stock of authorized and unauthorized virtual machines running in the cloud. Make certain you can see all IP connections made to each asset.

3. Third, for compliance and/or forensic analysis purposes try to find a service that supplies a capture of any and all assets (virtual and physical) that have actually ever been on the network – not just a service that is limited to active assets – and within a short look back window.

Ziften approach to Unmanaged Asset Discovery

Ziften makes it easy to rapidly discover cloud assets that have been commissioned beyond IT’s purview. And we do it continuously and with deep historic recall within your reach – consisting of when each device first connected to the network, when it last appeared, and how often it reconnects. And if a virtual device is decommissioned, no problem, we still have all its historic habits data.

Recognize and protect concealed attack vectors coming from shadow IT – prior to a disaster. Know what’s going on in your cloud environment.

Leave a Reply

Your email address will not be published. Required fields are marked *