Masergy is offering its managed SD-WAN customers a free shadow IT discovery solution that can pinpoint cybersecurity risks such as malware. Shadow IT threats are applications that have been downloaded by enterprise employees, unknowingly posing a risk to their organizations.
With the increased use of software-as-a-service (SaaS) applications, workforce mobility and endpoint solution diversification, companies of all sizes are exposed to cybersecurity threats that they are often unaware of until it's too late.
The Masergy Shadow IT Discovery solution scans and identifies applications and then provides visibility into them through the SD-WAN management portal.
"So one of the most important and pervasive security threat vectors out there is applications that are software-as-a-service that enterprises don't know about," said Masergy's Ray Watson, vice president of innovation. "So it's more normal than not for cloud applications to be unknown to the IT folks that control them.
"The classic example of this is somebody in marketing, for example, decides that they're going to launch a marketing application. So they spin up an Amazon Web Service to do that, and they don't bother to tell anyone in IT."
According to a study, the average enterprise has more than 888 unauthorized SaaS applications running unbeknownst to the IT team. Gartner clients indicate that “shadow IT” investments can exceed 40% of the formal IT spend. All told, shadow IT is predicted to be the attack vector for one-third of all successful data breaches by the end of this year.
While standalone shadow IT solutions have been around for some time, such as Microsoft Office 365 Advanced Threat Protection (ATP), Masergy's model uses information that is collected at the end points at network operations centers (NOCs) and security operation centers (SOCs) using Fortinet's FortiGate firewall. Masergy previously had a Silver Peak-based SD-WAN solution, but it added its own version of SD-WAN in 2018 that uses Fortinet at the end points.
Watson said Masergy uses a database of about 4,300 applications to define "known" and "unknown" applications. Once those are identified, an enterprise can quantify the risks on a scale of one to five, with one being the lowest risk and five the highest. Companies can decide what level of risk is acceptable to them by using the scale. A company may decide that only one to twos are acceptable while another may allow scores of three to four if it’s a known application such as Google Toolbar.
The definitions of the risk levels are compatible with the National Institute of Standards and Technology's (NIST) frameworks.
"We're giving them a better security posture, and we're giving them better use of how that looks," Watson said. "One of the coolest things about this release is that the customers are already going to have historical data available to them instead of having to sit around and wait, they'll be able to get data from the last 29 days or so as well, which is pretty neat. Most the customers will be thrilled because there's no additional charge on the SD-WAN side."
Watson said that Masergy Shadow IT Discovery was possible due to the company's Masergy AIOps, which launched four months ago. The artificial intelligence-based AIOps is an SD-WAN-integrated digital assistant for network, security and application optimization.
"It's been in development for a couple a couple of years, but really kind of hit the timeline in earnest about the last six to seven months," Watson said of the shadow IT solution. "We knew it was going to be one of the products that went out right after a AIOps launched.
"The journey to fully autonomous networking is a three-to-five year journey. When I say fully autonomous networking that means unsupervised AI, meaning unsupervised changes across the board. We've got visibility, then we've got control, then we get unsupervised AI, but that's a ways off."