Skip to content

New Episode: Shining a Light on Shadow IT

On this episode of Focal Point’s award-winning companion podcast, Let’s Converge, Candy Alexander, CISO and cyber practice lead at NeuEon Inc., explains the most dangerous forms of shadow IT, the ways security teams can respond, and the why – employees actually have “good intentions” when they use this unapproved tech.

Perspective

Here’s a taste of the episode:

Employees are breaking the IT rules all the time, ignoring company policy and installing outside apps and services – things their IT department hasn’t approved or doesn’t know about. That’s shadow IT. And it’s getting worse.

The surprising thing? When employees go outside corporate-approved software, they generally do so with good intentions – they just want to get their jobs done more efficiently, says NeuEon exec Candy Alexander, who develops and manages corporate security programs.

Step into your autonomous endpoint management (AEM) journey. Join thousands of global IT and security experts for vital keynotes, curated breakout sessions, hands-on labs, and certifications. TANIUM CONVERGE 2024, Nov. 18 – 21

The standard response was for security teams to act as “the department of no,” forbidding the use of certain problematic (yet necessary) apps and other software. Resist that urge, she advises. While these shadow IT uses can be risky or dangerous for the business, the goal of security teams is to understand why the employees are turning to those apps, what they’re trying to accomplish, and what their challenges are.

[LISTEN TO THE FULL EPISODE: Ep. 18 – Shining a Light on Shadow IT]

[Employees are] going to install things, I promise you. Because they lose the concept that this device they were provisioned is not their device.

Candy Alexander, CISO and cyber practic lead, NeuEon Inc.

FOR MORE EPISODES

By tuning in to Let’s Converge, you’re joining a community of like-minded individuals who are passionate about cybersecurity. Each episode lasts about 20 minutes, so it’s easy to stay informed without having to commit to hours of listening.

Anne Torpey

Anne Torpey is a veteran writer, editor, and word-wrangler who's worked for a bevy of world-class media outlets and legendary brands, including Vice Media, Rolling Stone, W, New York Magazine, Adweek, Porsche, The Ad Council, and McKinsey & Co. Her dad taught her the power of words, and she tries to use the best ones every day.

Tanium Subscription Center

Get Tanium digests straight to your inbox, including the latest thought leadership, industry news and best practices for IT security and operations.

SUBSCRIBE NOW