CXO Series I – Security Risks of Shadow IT in the Cloud

CXO Series I: Security Risks of Shadow IT in the CloudNote on CXO Series: The CXO series is our effort to bring awareness to decision makers in the geo-distribution organization of today. CipherGraph helps you navigate the frontier area of cloud-computing with a special emphasis on data security, contingency planning, and risk mitigation.

Shadow IT

Gartner defines ‘Shadow IT’ in a nutshell – “Shadow IT is IT activity that occurs outside of IT.  Shadow IT is growing in many organizations driven by consumerized technology, mobility, the availability of cloud solutions and quite frankly relatively slow cycle times within captive IT organizations”. Shadow IT is driven by the need faced by individual departments to use the best tools they can get their hands on – without IT delays. The cloud has made this significantly easier, inexpensive and ad-hoc.  Your organization is likely already doing it and already at risk today.

Heres what the numbers have to say on the subject -

“By 2015, 35 percent of enterprise IT expenditures for most organizations will be managed outside the IT department’s budget.” (Gartner)

“Almost a third of IT managers said covert cloud spending can support business growth and innovation, and 38% said it allows them to respond faster to client demands.” (VMWare)

“48% of IT managers in Europe expressed concern that off-radar cloud spend escalates security risks.” (VMWare)

Cloud services like Amazon AWS offer unprecedented flexibility, capacity and speed to any business. Anything that allows people to hit deadlines is theoretically a good thing. People often bypass IT and go with powerful options like AWS and place corporate data out in wild thinking only about their deadlines. The approach is fast and inexpensive but ignores your corporate data security policy and exposes your business to serious risks. But the severest risk is that a theft/loss/breach will go completely unnoticed and will be untraceable.

Create opportunity from a threat

Trying to eliminate Shadow IT is incredibly hard. Yet, Shadow IT does enable several benefits that make your business more agile. It’s time for IT to change gears. In this decade their primary role is no longer just maintenance. With the advent of the Cloud, IT has the opportunity to shift focus on consolidation, compliance and improvement without getting in the way of “business”.

Security is easier to deploy and manage in the cloud than it has traditionally been for your datacenter. There are many ways to secure the cloud, but few are extensible and truly independent that will fit into your business model. Deciding which products to use to put together a true and complete solution can be incredibly hard. Create simple steps for IT that can be followed in minutes (as opposed to weeks for hardware) and regulate the way AWS or any other cloud provider can be used by your organization’s members without violating your corporate security policy thus protecting your data from being exposed to threats.

How CipherGraph fits your requirements

Speed: CipherGraph Cloud Access Gateway can be deployed on any cloud platform (including Amazon AWS) within a couple of minutes and is ready to use out of the box.

Data Confidentiality: You need to ensure that your data and applications are never accessible on the public internet. Just as your firewall keeps your data and applications accessible only from within the organization (on-premise), CipherGraph CAG creates a secure perimeter around your deployment. Only authorized users can connect to your deployment, with all communications secured by strong encryption. Software update / patching of internal applications is no longer your first line of defence against threats, allowing your business to move faster and dramatically reducing the risk of Data Loss / Data Leakage.

Compliance/Control: PCI and HIPAA compliance for cloud and hybrid deployments has never been easier. Enforce the most stringent corporate security policies with powerful features and industry-standard technology. Role Based Access Control and Two Factor Authentication (Multifactor Authentication) are just two basic features offered by CipherGraph CAG which ensure regulatory compliance as well as allow you to implement the most sophisticated data security policy.

Elasticity: No matter how big or small each team, CipherGraph offers performance to match with licensing based on hourly usage  and number of users. Deploy your entire company with a central solution or each team can deploy and manage their own CipherGraph Gateway Virtual Appliance. A single deployment of thousands of users or smaller deployments of 5 users, both are equally easy to setup.

Learn more about CipherGraph Cloud Access Gateway at

Get started now

CipherGraph Cloud Access Gateway is available now for your preferred cloud provider. Deploy CipherGraph Virtual Appliance either from your provider’s application store/marketplace or talk to us directly.

For a free consultation to discuss your “Shadow IT” needs and risks email us at