Why are ghost accounts dangerous?

Mélanie Lebrun


Youzer Marketing Manager

12/2022

Shadow IT: explanation, causes and consequences. Understanding the problem of accounts unknown to the IT department.


Shadow IT is not yet another episode in the Star Wars saga, but a discrepancy between the use of SaaS applications in the enterprise and the IT department's knowledge of them.

Applications stored in the cloud are very easy to use, as there is by definition no set-up required. Employees needing new software no longer call on the IT department, but decide to use the new application directly.

The IT department is not aware of the applications used in the various departments.

This has major drawbacks:

  • the IT department is excluded from the decision to adopt an application, which reveals a lack of confidence in it
  • security is not guaranteed: applications are poorly configured, there is no framework for logging in, and data is not controlled
  • the application is an entry point into the information system (IS) that the IT department does not know about
  • accounts are not suspended when users leave, since the departing user takes no steps and nobody else knows the accounts exist

Why cut out IT?

The two most obvious reasons are a lack of responsiveness and cumbersome procedures.

A ghost account rarely reflects an intention to harm; it reflects a desire to move quickly and meet a need the user feels.

When a request is made, the IT department can take a long time to respond, and the request sometimes has to go through committees. It's slow, much too slow compared with the employee's needs and notion of time. Employees take action themselves and feel more responsive.

Then there are the procedures to follow, which may seem to hinder the employee's use of the application; for the same reasons, the employee may prefer not to mention it at all.

Unfortunately, these procedures, however restrictive they may seem, are essential to the security of the company.

SaaS applications often grant very high rights and access by default, so it is up to the IT department to reduce these rights and accesses following the principle of least privilege.
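One way to surface such accounts, as an added example that is not Youzer's own code: reconcile a SaaS application's user export against the HR directory and flag accounts whose owner has left but was never suspended, accounts HR has never heard of, and accounts still carrying the application's default admin role. The CSV layout, addresses and dates below are constructed for the example.

```python
"""Reconcile a SaaS user export against the HR directory (added example)."""
import csv
import io
from datetime import date

# Constructed HR directory: email -> (status, leave date or None)
HR_DIRECTORY = {
    "alice@example.com": ("active", None),
    "bob@example.com": ("left", date(2022, 9, 30)),
}

# Constructed export from a SaaS app the IT department has just discovered.
# Column names are an assumption; real exports differ per application.
SAAS_EXPORT = """email,role,status,last_login
alice@example.com,owner,active,2022-11-28
bob@example.com,admin,active,2022-10-12
carol@example.com,admin,active,2022-11-01
"""


def reconcile(hr_directory, saas_csv, today, default_role="admin"):
    """Return {email: [findings]} for accounts that need IT attention."""
    findings = {}
    for row in csv.DictReader(io.StringIO(saas_csv)):
        email, issues = row["email"].lower(), []
        status, left_on = hr_directory.get(email, (None, None))
        if status is None:
            issues.append("unknown to HR")  # nobody in the company owns it
        elif status == "left" and row["status"] == "active":
            issues.append(f"still active {(today - left_on).days} days after leaving")
            if date.fromisoformat(row["last_login"]) > left_on:
                issues.append("used after departure")  # worth an investigation
        if row["role"] == default_role:
            issues.append(f"has '{default_role}' rights; apply least privilege")
        if issues:
            findings[email] = issues
    return findings


def run_example():
    """Run the reconciliation on the constructed data as of 2022-12-01."""
    return reconcile(HR_DIRECTORY, SAAS_EXPORT, date(2022, 12, 1))


if __name__ == "__main__":
    for email, issues in run_example().items():
        print(email, "->", "; ".join(issues))
```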


What are the consequences for the company?

The security gaps start with open accounts that are neither inventoried nor monitored.

As we have seen, this leads to excessive access levels, with a high risk if the account is taken over by a third party during a cyber-attack.

Software spending is bound to be poorly controlled: volume negotiations may be impossible, or thresholds may be exceeded.

Any audit is therefore invalid, since some applications are unknown and cannot be inventoried.
