"In short, while there was no evidence that unsanctioned app use is routine or normalized, it is likely that enough staff are using them to make a serious breach possible at some point. The report concludes that one of the reasons staff have taken to these messaging apps was that they lack convenient alternatives. It recommends developing approved apps to remove this need,"
"What's surprising about this is that it has taken a major political row at government level to raise an issue that enterprise CISOs have been grappling with for years: the effects of BYOD, shadow IT (and now shadow AI), and unsanctioned apps that creep into organizations without anyone realizing it. Over the last two decades, the rise of mobile devices, the cloud, and apps has radically de-centralized IT in ways that top-down management models struggle to control."
There is no evidence that unsanctioned messaging app use is routine or normalized, but enough staff use them to make a serious breach likely. Staff have adopted these messaging apps because convenient approved alternatives are lacking. Recommended actions include developing approved messaging apps, implementing training to ensure compliance with communication regulations, and restricting authority to use messaging apps to senior staff in defined circumstances. Enterprise CISOs have long confronted BYOD, shadow IT, and unsanctioned apps. The proliferation of mobile devices, cloud services, and apps has decentralized IT beyond top-down management models, and Signal remains widely used despite reported issues.
Read at Computerworld
Unable to calculate read time
Collection
[
|
...
]