Practitioners acknowledge problems that can be caused by unapproved app use.
Around three-quarters of security professionals have admitted to using SaaS applications that had not been provided by their company’s IT team.
According to research by Next DLP, 73% of professionals use unapproved apps despite being “certain” that their organisation had suffered a data breach or data loss as a result of Shadow SaaS.
“Clearly, there is a disparity between employee confidence in using these unauthorised tools and the organisation’s ability to defend against the risks,” Chris Denbigh-White, chief security officer at Next DLP, said.
“Security teams should evaluate the extent of Shadow SaaS and AI usage, identify frequently used tools, and provide approved alternatives. This will limit potential risks and ensure confidence is deserved, not misplaced.”
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.