IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

How MSPs can reign in pandemic-fuelled shadow IT

With security threats becoming more prevalent, now isn't the time to be cutting corners

grafitti of a spy on a wall

Remote working has become the norm rather than the exception for many over the last 12 months. It’s a trend that’s not going to go away either, with over 82% of UK businesses admitting they’re considering changing future working practices to allow more staff to work from home - even once COVID-19 restrictions ease.

Managed Service Providers (MSPs) will likely have several clients who need to rely on outdated systems to deal with the additional strain brought on by so many staff working from home. These clients are grasping in the dark, and stretched more than ever, giving MSPs the opportunity to offer innovative ways of helping them mitigate the additional risks.

Keeping sensitive data safe and secure

IT teams are struggling to keep sensitive data safe and secure, and there’s never been more data to manage than there is now. In 2018, the global volume of data was 33 zettabytes (ZB), with some projections suggesting that it could balloon to 175 ZB by 2025. As well as untold reputational damage, leaving sensitive data open to attack is likely to be in breach of increasingly stringent regulations, not least of which GDPR. The EU’s data protection regulations are just the tip of the iceberg, however, and each industry has a plethora of its own rules and regulations to adhere to.

The home working trend has left businesses vulnerable because it’s added a huge number of endpoints that weren’t there previously. The bring your own device (BYOD) trend was already fully ensconced pre-pandemic, but this trend has rocketed in the past 12 months. Staff are now using work laptops and mobiles in record numbers to order their groceries and speak to friends online, for instance.

IT teams can’t manage what they can’t see. These devices are now likely to play host to a multitude of apps that haven’t been vetted. Even before the pandemic, one survey found that on average, most organisations believed they had only 30 to 40 apps running on their network when in reality that number was more than 900. As the lines of home and work life continue to blur, the propensity for shadow IT has only increased.

This isn’t the time to be cutting corners

Since lockdown began, there has been a sharp increase in the number of ransomware attacks, with the damage caused potentially severe and widespread. Back in 2017, the largest ransomware attack to date, WannaCry, was estimated to have affected more than 200,000 computers across 150 separate countries. 

Our own research found that one-in-five (21%) businesses experienced a ransomware attack, and of those, over a quarter (26%) couldn’t access any working backup after the attack. Even when organisations could access a working backup, 22% of them could either only restore a partial amount of their data, or none at all.

The stark reality is that without adequate backup systems and incident response capabilities, small businesses and public institutions can become easy targets. Unlike large corporations that often have the funds and resources to protect themselves, it's an entirely different matter for smaller businesses trying to navigate the challenges of managing a remote workforce and operating with potentially outdated or vulnerable systems. That’s where an MSP can come in.

Email, company presentations, confidential documents, and customers’ bank details are all being accessed from our homes on a routine basis. Employees have been working under a completely different set of parameters; ones where new security risks are high and where cyber criminals are finding new ways to exploit any weaknesses they can find. Whilst these are uncertain times for businesses, it is far from the time to be cutting corners. 

Ransomware today is rife and has been exacerbated by the current work-from-home trend. MSPs need to ensure their clients have the tools and processes in place to mitigate the impact of any cyber-attack and protect sensitive data. It should also be best practice to regularly revisit any existing disaster recovery plans and ensure that all eventualities have been accounted for.

Mikey Anderson is the global channel marketing manager at Ontrack

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

Google unveils new Assured Open Source Software service
open source

Google unveils new Assured Open Source Software service

18 May 2022
Malwarebytes hires new channel chief to lead MSP and partner network
Managed service provider (MSP)

Malwarebytes hires new channel chief to lead MSP and partner network

18 May 2022
Palo Alto and Deloitte to deliver managed security services in the US
Managed service provider (MSP)

Palo Alto and Deloitte to deliver managed security services in the US

17 May 2022
US and EU thrash out plans to avert chip production “subsidy race”
Hardware

US and EU thrash out plans to avert chip production “subsidy race”

17 May 2022

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Preparing for the 3G sunset
Network & Internet

Preparing for the 3G sunset

18 May 2022
(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security
Careers & training

(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security

17 May 2022