Shadow IT โ technology deployed by employees or departments without central IT oversight โ creates unmanaged attack surface. Common examples include personal cloud storage for work files, unapproved SaaS applications with SSO integration, development environments in personal cloud accounts, and APIs or webhooks connecting approved tools through unofficial pathways. Attack surface management and cloud security assessment help discover shadow IT, and organisational policies help prevent it. The security risk is that these systems bypass the controls (testing, monitoring, access management) that protect sanctioned systems.
Educational2027-01-15
Shadow IT Security Risks: Finding and Securing Unauthorised Systems untuk Perusahaan Indonesia
Employees deploy cloud services, SaaS tools, and applications without IT oversight. The security risks and how to discover them. Guidance for ID market.