Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

You Can’t Defend IT Hidden in the Shadows

You can’t secure and protect devices or data you aren’t even aware of. It’s a simple premise, but one that has become more and more relevant in recent years. It’s challenging enough to just keep up with identifying, managing, and resolving the vulnerabilities you know about, but it’s crucial to be able to detect and identify those unknown and shadow IT assets as well.

You can’t secure and protect devices or data you aren’t even aware of

The explosion of mobile devices, cloud services, and virtualization tools make it very easy for employees to connect to and use unauthorized technologies that IT is not aware of. All of your effort to manage vulnerabilities and protect the network can be undone by one attacker exploiting a vulnerability on an unknown device or service connected to your network. When users introduce technologies and applications without IT consent, they expose the company to unnecessary risk and handicap IT’s ability to effectively protect the network.

Lurking in the shadows

You can’t be confident in your security posture if you can’t be sure you’re identifying and remediating vulnerabilities in all of the devices and applications on your network. You might achieve some false sense of security by checking a box for resolving the vulnerabilities you’re aware of, but shadow IT can still leave you weak and defenseless.

Unknown mobile devices on your network expose you to significant risk. A report from the end of 2015 found that an average mobile app has nine vulnerabilities—and more than a third of those are critical or high vulnerabilities. The report revealed that more than a quarter of the mobile app vulnerabilities result in personal or sensitive information leakage, and nearly a quarter are related to authentication and authorization.

An average mobile app has nine vulnerabilities

Another place where risk lurks in the shadows is with cloud services and virtualization. Users just sign up for services like Dropbox or an unsanctioned CRM tool, and with the push of a button your network and data are exposed to vulnerabilities you don’t know about. Cloud providers average 18 vulnerabilities per asset. It takes on average 103 days for a typical organization to remediate a security vulnerability. Cloud providers are faster than many other industries when it comes to addressing vulnerabilities, but whether it’s 30 days or 300 days you can’t address or mitigate the risk because you don’t even know you’re exposed.

Turn on the lights

There’s a Chinese proverb that goes, “Better to light a candle than to curse the darkness.” You don’t need to fear unknown and shadow IT. You just need to accept that it exists and have the right tools in place to deal with it.

The traditional approach to vulnerability management isn’t good enough. Conducting periodic scans only provides a snapshot in time. The scan may not identify new or unknown assets. Even if it does, it will miss devices and services that are not connected or enabled at the time of the scan, leaving you exposed again until the next periodic scan.

Conducting periodic scans only provides a snapshot in time

Tenable SecurityCenter Continuous View™ (CV) provides comprehensive visibility of all assets on your network. SecurityCenter CV™ enables you to detect and identify transient laptops, personal mobile devices, and rogue cloud applications. It combines active and passive monitoring tools to detect unknown devices and applications, and identify associated vulnerabilities so that shadow IT doesn’t expose you to unknown risk.

Unknown assets and shadow IT are part of today’s IT reality. You need to make sure you have policies and tools in place to ensure you have complete visibility combined with relevant context so you can take decisive action to protect your network and data.

For more information, read about Tenable’s Unknown and Shadow Assets solution. And watch the Tenable Blog this month for more articles about Shadow IT.

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,190.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.