The 3 Biggest Risks of Shadow IT – and What CIOs can do about them

Shadow IT, the use of unsanctioned cloud and mobile devices by staff, is a growing sector – but while the Bring Your Own Device philosophy has caught on fast, not everyone appreciates the risks to data and workflow it can bring.

When staff members begin to bring their own devices into work, it can spell positive changes for the IT world and a leap in efficiency for the company. Everyone’s using cloud and mobile instead of sometimes-clunky proprietary systems, and everyone can get on with what they need to do, wherever they are and whatever device they want to use. Sounds great, because it is.

There is one problem, though. Staff who don’t have IT training often don’t realise the security risks, so they’ll move data about over clouds or between devices without proper security measures.

Then there’s the risk to workflows. It’s great when everyone uses efficient cloud-based apps to do work, but what happens when it all comes together and none of the pieces fit because everyone’s used a different app, or a different spreadsheet format?

Finally there’s the problem of everyone using different distribution networks and a hundred different versions of a document getting passed around, because there’s no centralised system in place. So what can CIOs do about these problems?

Data security training

CIOs need to offer staff an appropriate level of security training so everyone understands that data has to be secure – company IT systems contain customer data, proprietary data, financial data and employee data and all this must be kept secure. Strong passwords, password protection on individual documents and an awareness of the porous nature of public clouds and mobile devices contribute to the success of secure shadow IT.


Shadow IT can be great for the individual employee. But when staff bring documents that are in mutually unintelligible formats to the same meeting, everyone ends up sending a lot of time figuring out how to synch it all up. How to avoid this? Institute standardised workflow systems throughout the organization that can be accessed (securely!) through shadow IT.

Too many versions

Devices that rely on capacitive touch screens tend to have the sharpest image quality. Capacitive touch screens are coated with a material that sends a continuous electrical current across the sensor. Fortunately, the human body is also a type of electrical device. This means that when you touch the screen you absorb some of the current. The device registers this disruption, causing it to send information to its controller. The device will then perform the action that you requested.

Person 1 emails person 2 a document, who alters it and emails their version to person 3. Person 1 emails person 3 their version too. Which is the right one? Expand that process across time and multiple workflows companywide and you have a recipe for chaos. The solution is to build an efficient workflow structure that enables multiple people to access a single version of the document or spreadsheet and manipulate it without duplicating it, so there’s only one ‘version’.

In every case, the best thing CIOs can do is to start by accepting that shadow IT is here to stay and staff are going to use it. Then it’s about giving staff the tools and knowledge they need to use it effectively.

Top ↑

5 Reasons Why Telecommuting Is a Win-Win

You’d expect companies to hate telework and employees to love it. For employees, it means a couple of hours, at least, rescued from the daily commute, and a chance to work in their pyjamas or with the stereo up loud – not options at most people’s offices.

Problem is that Photoshop is far from inexpensive. A quick online scan will show that newer versions of this image-editing program can run higher than $600.

But don’t companies hate the idea of losing control over their employees? How can you check on a worker if they’re not even there? And doesn’t remote working lead to slackness?

Not everyone sees it that way. According to a report issued late last year, the US government now thinks about 47% of its employees – over a million people – are eligible for telecommuting. So what’s so great about it, and how is everyone a winner?

Telecommuting eliminates wasted time

Sure, some people work on the way to work. Most people sit in traffic, for an average of an hour each way. That’s wasted time for everyone, and telecommuting gives it back.

Telecommuting cuts costs for companies – but not wages for workers

Workers who work at home don’t need offices, cutting down on overheads – rent, heating, insurance and all the other costs associated with property. But they still make the same salary.

Remote workers are less stressed and more productive

Remote workers and in-office workers agree that teleworkers are less stressed, sleep more, drive less – and get more done. Less stress, more productivity? Win-win.

Absenteeism is a good thing

Americans work longer hours than any other industrialized country, but we don’t get more done. There’s a culture of ‘presenteeism’ – if you’re in the office early and late, you’re a good employee. ‘Part-timer’ is used as a slur. Get rid of that and ‘absent’ workers can be judged on their quality and productivity, not on how much time they spent on the job. That’s better for everyone.

Absent doesn’t mean out of reach

Much of the time in modern offices, people communicate by email, cloud or messaging services anyway. If you’re going to email someone, and get an email back, what difference does it make where they are? If you’re driving into work to open and reply to emails, doesn’t that defeat the point?

Teleworking means businesses spend less money and workers do more work, while workers have a better quality of life and more control over their working time.

Top ↑

5 Projects IT Pros Need to Stop Putting Off

Anyone who’s ever seen an Eisenhower square knows how easy it is to do urgent-but-unimportant stuff today, and put off important-but-non-urgent stuff until tomorrow. We all do it. The danger with that approach is that projects that are actually vital are always on tomorrow’s to-do list – never today’s. Here are 5 IT projects it’s time to shunt up the list to job #1.

1: Software updates – especially in end devices

Increasingly, inhouse IT departments are moving towards a ‘push’ model of updating software, one that distributes software updates to devices on the network from a central point. But that transition’s far from over and in some IT departments it’s still necessary to physically go out and update software. If the machines that need updating are in distant corners of the company buildings IT can end up supporting four different releases of the same software.

2: Job descriptions

Jobs exist now that didn’t even two years ago. Go back six years and the landscape has changed unrecognizably. But when’s the last time job descriptions in your department were updated? Go back over them and make sure they’re up to date or you’ll find that when you need to know who’s in charge of cloud issues or social media outreach it turns out that officially, no-one is.

3: Spare parts and old equipment

Below the top layer, there’s probably equipment in the back room for repairing external dial-up modems, spare 51/2″ floppy disk drives and a couple telegraph keys near the back. It makes sense to keep this equipment to cannibalize it for spare parts or in case it’s needed, but unless you’re building a steampunk laptop in your spare time some of this stuff just needs to go. Getting round to this job isn’t always easy, but managing it at least once a yea shouldn’t be too hard.

4: Asset inventorying

Asset inventorying software has been on the market for a decade or more, but many IT pros still don’t have a clear understanding of how many of their servers are idle or underutilized. An asset inventory can identify these and help you decide whether there’s slack in the system or whether you’re running servers that just can’t cope with modern demands and need to be replaced.

5: Vendor agreements

IT departments are often missing something vital, despite all that spare equipment: contracts. Many are short as many as a third of all the contracts that cover their agreements with their vendors. If these are missing, ask vendors for copies and check what they cover. Your relationship with the vendor may have changed, or the type of provision on offer might have moved with the times. Make sure your contracts are complete and up-to-date.

Top ↑

The worst passwords of 2014 – and what we can learn from them

2014 was the year of the leaky, hacked, unsecure internet – the year we all came face to face with the fact that our details aren’t safe. And that harsh lesson really didn’t sink in. Most hacking is done through old-fashioned channels like email fraud, but when passwords are leaked, it often turns out there was no need, to judge by some of these.

Password management firm SplashData released its list of last year’s worst passwords,and they’re exactly as bad as you can imagine. The company got its data by analysing the 3 million or so passwords that were leaked last year, and arranged them in league order of most to least common. Of course, the more common your password the easier it is to guess – but when it’s both really common and really weak, it makes you wonder why hackers bother to steal it when they could just guess.

The top 5 offenders

These are the 5 most common leaked passwords of 2014:

  1. 123456
  2. password
  3. 12345
  4. 12345678
  5. qwerty

Yes, seriously.

Lessons to learn

First, never ask IT why your password has to be 14 characters long!

Second, look at what these characters did and do the opposite to create a strong password.

These passwords all display a total lack of thought. Faced with a decision – which password? – these people tapped a few keys without thinking it through at all. So, consider: any keys that are already next to each other on the keyboard are a bad choice, so is a long numerical sequence like ‘1234.’ And ‘password’? Also not good.

Widen the net: your name? Out. Your company’s name? Also a bad choice. And if you live in LA, ‘Lakers’ isn’t too great either. What unites these bad choices is that they’re easy to guess if someone knows one other thing about you. For the same reason, your partner or children’s names aren’t good choices.

Creating a strong password

Strong passwords are strong because they’re really hard to guess. Using things like the letter ‘3’ for ‘e’ or the number ‘4’ for the word ‘for’ are now predictable. Instead use a password using unconnected words with symbols, caps and numbers scattered throughout. It’s also a good idea to have a different password for each account: having the same keys for car, garage, house and office obviously spells trouble, and the same logic applies here.

Top ↑

The secrets of YouTube

YouTube has come a long way from its origins as a place to look at kittens and home videos of people’s dogs. There’s a multimillion dollar industry based around it, a new generation of media stars who got their start on the channel and its connection with Google and its ubiquity, to say nothing of how easy it is to embed, mean it gets a lot of use for business purposes too.

With that in mind, you’re probably not getting the very best out of your Youtube experience. Here are a few ways to get the normal stuff done faster – and a couple of tricks you probably didn’t even know were possible!

1: Space Bar

Most of us know that the space bar is play/pause on YouTube. If you want to watch something in slow motion, though, hold the space bar down! This is really useful for detailed how-tos.

2: Jump Around!

J jumps you back 10 seconds in the video. L jumps you forward 10 seconds. No mouse required. You can also use K as play/pause, if you’re watching a video entitled ‘how repair space bar.’

The arrow keys fast forward and rewind, and the number keys jump to percentage locations in the video: 1 is 10%, 5 50%, 0 the beginning.

These don’t work in fullscreen mode, by the way.

3: Lean Back!

It is the name of an app that allows you to turn YouTube into a keyboard-only experience with a totally new interface that can be conveniently browsed with only the arrow keys and ‘enter.’ This doesn’t seem to work on Macs, though.

4: Do What You Feel!

YouTube has a hidden feature called Moodwall (yes,I’m aware that we’re moving away from tricks that are useful in the enterprise, but I thought you’d want to know). Moodwall lets you select your mood from a sidebar. YouTube then shows you videos appropriate to your mood. If you disagree, double click on the mood you chose, and the videos will all change.

5: Ride the Snake

OK, so now we’re moving from ‘not useful in the enterprise’ to ‘not useful at all,’ and it’s also not really a secret – it’s even on YouTube’s Wikipedia page. On any video you’re watching, pause it and hold down the left or right arrow key for a few seconds. Then press the up arrow key to start the game, and hey presto! Your computer and YouTube together have created the ‘snake’ game that made Nokia owners the world over miss public transportation throughout the early 2000s.

Top ↑

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *