Dive Brief:
- Microsoft announced Wednesday that Microsoft Cloud App Security is now generally available. The tool allows companies to see, organization-wide, what cloud apps are in use.
- The product can also allow IT to see the use of unauthorized cloud apps. Applications and systems used without explicit approval from the organization are known as shadow IT.
- Microsoft Cloud App Security was originally the product of Adallom, a company Microsoft bought in 2015.
Dive Insight:
Shadow IT has become a growing problem for many companies, and it comes with potential risks to both company and customer data. A report released by Cisco in January found that shadow IT in enterprises was up almost 70% from just six months prior. While CIOs estimate their organizations use an average of 91 cloud computing services, Cisco said, the true number averages around 1,120. Many analysts agree that shadow IT is an issue for companies, and that few CIOs or corporate technology departments have a good idea of shadow IT's scope.
Often without the knowledge or permission of the IT department, the average employee uses 17 cloud apps at work, according to research by Adallom.
Microsoft is not the first company to introduce a product for tracking shadow IT. For example, Cisco launched Cloud Consumption as a Service in January and IBM introduced Cloud Security Enforcer in September.
But Microsoft Cloud App Security goes a step further in that it not only detects unauthorized apps, it also helps companies see how much data is moving outside the organization. This allows the company to establish controls to secure the organization, if necessary. However, the controls do not dictate user behavior, but instead can stop sensitive information from being shared in the cloud or limiting access to unkown networks.
