Governing: Michael Roling, Missouri’s chief information security officer (CISO), knew that some of the state’s 40,000 employees were using unapproved software they had downloaded from the cloud to their work computers and devices. But when his team ran a special software tool to figure out how extensive the practice was, they were surprised to learn that more than 2,500 unknown software programs or services were operating throughout the state’s IT network. “It was definitely an eye-opener,” Roling says. “We guessed we had some problems, but it turned out the number was far greater than what we could imagine.”
Roling isn’t the only IT official to miscalculate the size and scope of the problem. CISOs routinely underestimate the number of unsanctioned software programs that workers are using. A report from SkyHigh Networks, a software security firm, found that the typical public-sector organization uses nearly 750 cloud services -- 10 times the number IT departments expect to find.
The most significant government policy, business, and technology news and analysis delivered to your inbox.
Subscribe Now