During a routine audit, your security team has discovered an unauthorized active directory tool being used by the marketing department to synchronize contact information across platforms. The team suspects that this is a case of Shadow IT. What is the PRIMARY risk associated with this discovery?
Increased productivity and efficiency within the marketing department
Security breaches due to unauthorized applications bypassing organizational security processes
Increased IT budget due to additional user licenses required for the unauthorized tool
Decreased usage of IT-approved communication tools
The correct answer is that the primary risk associated with Shadow IT is the potential for security breaches. This is because unauthorized applications and systems have not been vetted by the organization's security protocols. These tools might not be compliant with security policies, may not be regularly patched, and could lead to the exposure of sensitive data. While increased productivity is often the motivation for using such tools, and budget or usage of approved tools may be affected, the most significant risk from a security standpoint is the introduction of unmonitored vulnerabilities.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Shadow IT?
Open an interactive chat with Bash
How can Shadow IT lead to security breaches?
Open an interactive chat with Bash
What are some ways to mitigate the risks of Shadow IT?