The issues surrounding shadow IT that have long plagued security because of unmonitored and unsupported cloud applications and devices are increasingly coming under proper control, according to the 2019 Duo Trusted Access Report.
The report found that threats from applications and devices that have traditionally been lurking in IT environments are being mitigated through the implementation of a zero-trust model. Enterprises appear to be catching up with cloud expansion and addressing concerns of shadow IT because the report found that the average number of organizations protecting cloud apps reportedly surged 189% year-over-year.
The report assessed the security of thousands of the world’s largest and fastest-growing organizations and examined 24 million devices used for work. Research showed that the use of out-of-date devices has dropped precipitously, which could be a function of the ever-growing remote workforce. According to today’s press release, a third of all work is done on a mobile device, a 10% increase year-over-year. In turn, organizations are hardening mobile defenses against malware.
In addition, biometric verification has seen a double-digit jump to more than 77% of business devices, and organizations are outright rejecting authentication based on policies for location-rooted devices, device locks not enabled or a lack of disk encryption.
“Without proper protections, such as strong user authentication and device hygiene checks, accessing business applications from mobile devices can increase exposure to threats that exploit user identities,” the press release said.
As organizations continue to experience shifts in digital transformation, they are enforcing security controls that establish user and device trust through a zero-trust security model.
“For years, security teams have had little visibility into the cloud applications users were accessing and the personal devices they were using,” said Wendy Nather, head of advisory CISOs at Duo. “The findings in this report make clear that security leaders are taking back control of these apps and devices thanks to a zero-trust approach to security. This approach, in many cases, even allows organizations to adapt quickly to pending threats.”