#shadow-it

[ follow ]
#data-security #cybersecurity #docker-hub #enterprise-security #ai-security #it-security #secrets-exposure
#docker-hub
more#docker-hub
fromComputerworld
1 week ago

Insecure use of Signal app part of wider Department of Defense problem, suggests Senate report

In short, while there was no evidence that unsanctioned app use is routine or normalized, it is likely that enough staff are using them to make a serious breach possible at some point. The report concludes that one of the reasons staff have taken to these messaging apps was that they lack convenient alternatives. It recommends developing approved apps to remove this need,
Information security
fromComputerworld
1 week ago

US federal software reform bill aims to strengthen software management controls

SAMOSA is mostly focused on trying to fix "software asset management deficiencies" as well as requiring more "automation of software license management processes and incorporation of discovery tools," issues that enterprises also have to deal with. In addition, it requires anyone involved in software acquisition and development to be trained in the agency's policies and, more usefully, in negotiation of contract terms, especially those that put restrictions on software deployment and use.
US politics
Privacy professionals
fromIT Pro
3 weeks ago

Could years of AI conversations be your biggest security blind spot?

Every conversation with public LLMs can be stored and aggregated, creating detailed profiles that risk individual privacy and expose businesses to data leakage.
Artificial intelligence
fromTheregister
4 weeks ago

Execs make AI rules and break them with shadow IT

Two-thirds of executives and half of employees admitted unapproved AI use while organizations invest heavily despite security, compliance, and governance gaps.
fromSocial Media Explorer
2 months ago

Your Workplace Security Trap: Why the Biggest Dangers Are Hiding in Plain Sight - Social Media Explorer

How did we get here? It's simple: people want to get their work done quickly and easily. Think about the way your teams work today. They don't just use the tools the company bought; they use what's popular, what their friends recommend, or what they already know. This convenience-first mindset creates two huge, silent security gaps that most managers overlook:
Information security
fromTheregister
2 months ago

Microsoft to allow consumer Copilot in corporate environs

Redmond has done so unilaterally, effectively endorsing "shadow IT" - the practice of bringing unapproved software and devices into the workplace. Earlier this year, Microsoft said it had adopted a new approach to shadow IT. "While earlier eras of our IT history focused on trying to prevent shadow IT, we are now concentrating on managing it," the biz said in a blog post. By "managing," Microsoft also means "enabling."
Privacy professionals
Law
fromAbove the Law
2 months ago

Associates' Dissatisfaction With Firm Tech: What We Have Here Is A Failure To Communicate - Above the Law

Midlevel associates at large law firms face inadequate firm technology, causing slower work, personal tech purchases, training gaps, partner resistance, and fear of automation.
Information security
fromComputerworld
2 months ago

Leading the charge in cyber risk mitigation: From gut feeling to objective evaluation

Cybersecurity must be managed as a core business risk using objective, data-driven exposure management to detect hidden threats and prioritize remediation.
#ai-security
fromInfoQ
3 months ago
Information security

Cloudflare Introduces Automated Scoring for Shadow AI Risk Assessment

fromInfoQ
3 months ago
Information security

Cloudflare Introduces Automated Scoring for Shadow AI Risk Assessment

more#ai-security
Information security
fromIT Brew
3 months ago

Your office is requiring people to return to in-person work. Now what?

Return-to-office mandates are rising and IT must ensure smooth employee experience, secure device configurations, and updated policies to prevent shadow IT and security risks.
fromIT Pro
4 months ago

LastPass just launched a tool to help security teams keep tabs on shadow IT risks

"Small and mid-sized businesses are facing a perfect storm of complexity: unknown risks living within unknown apps and AI services," said Don MacLennan, Chief Product Officer at LastPass.
Privacy technologies
fromThe Hacker News
4 months ago

The Wild West of Shadow IT

Everyone's an IT decision-maker now. Employees in organizations can install plugins with one click, bypassing IT teams, impacting security posture significantly.
Privacy professionals
Data science
fromInfoWorld
5 months ago

Understanding how data fabric enhances data security and governance

Data fabric simplifies data management across fragmented environments, enhancing security and governance.
fromThe Hacker News
6 months ago

Think Your IdP or CASB Covers Shadow IT? These 5 Risks Prove Otherwise

An AI-powered note-taker quietly syncing with your Google Drive is just one example of shadow IT that can go unnoticed and lead to significant security risks.
Information security
Tech industry
fromInfoWorld
6 months ago

Enterprises are wasting the cloud's potential

Poor leadership in cloud governance leads to overspending on resources and missed innovation opportunities.
Privacy technologies
fromZDNET
7 months ago

LastPass can now monitor employees' rogue reliance on shadow SaaS - including AI tools

LastPass is expanding into SaaS monitoring to help SMEs manage shadow SaaS risks more affordably.
[ Load more ]