Have you ever downloaded a useful program or plugin on your work computer—to view documents, video chat, or share your screen, for instance? If so, you’ve probably contributed to shadow IT, a privacy issue that occurs when rogue applications are downloaded outside the realm of IT, and potentially aren't fit for processing enterprise information.
The good news? You’re not alone. According to a recent Netskope report, nearly 90 percent of cloud apps used by IT & technology organizations are not enterprise-ready, lacking in the areas of security, audit and certification, legal, privacy, financial viability, and vulnerability remediation. The bad news? Companies will soon face fines for failing to prevent shadow IT at scale due to changes to the EU General Data Protection Regulation, or GDPR.
What Should You Know About GDPR?
The new GDPR legislation comes into effect in May 2018, so it’s important to know what’s changing. The law marks a crackdown on how organizations manage personal data in the cloud, with noncompliance fines of up to 4 percent of their annual revenue from the previous year. Even if located outside the EU, any businesses, government agencies, or non-profits that process data of EU residents fall under the scope of the regulation.
The GDPR will replace a series of national data protection laws with a single widespread mandate on the way data is transferred, collected, stored, and used, providing better security in light of increasing globalization and new technological developments. An estimated 98 percent of cloud-based applications don’t comply with the impending GDPR legislation, making shadow IT the largest risk factor for both security breaches and compliance-related fines.
Why So Much Shadow IT?
Our modern, mobile-driven society is the impetus for shadow IT in the workplace. As we conduct more business from different locations, the way employees work has shifted to emphasize maximum productivity. Likewise, IT managers are tasked with sourcing and implementing collaboration tools to meet the needs of an ever dispersed workforce—all in a world where private information is increasingly harder to protect.
Combatting GDPR Noncompliance With Video
In anticipation of GDPR, encouraging open communication between the IT department and the workforce has never been more crucial. Finding a streamlined means of communication that can stem the tide of rogue application downloads will be a pivotal move for enterprises.
Video conferencing software is the most lucrative solution for this, bringing universal interoperability and mobility to team collaboration while maintaining high security. With the right software, video conferencing should be protected through encryption protocols, randomized meeting IDs and passwords, and locked meeting features, adding an additional layer of security for users. Any video conferences stored in the cloud should be encrypted as well, and owners should restrict who has access to them.