Experts agree that organisations need to conduct thorough audits and risk assessments. The best defences involve tight configuration management, software bill-of-materials tracking, security awareness training, and limiting what can be installed.

“Understanding your attack surface and conducting regular external asset mapping exercises is critical,” Tim West, Director, Threat Intelligence at With Secure. “It is important to note that the answer is not just solely technological. There is a human element behind shadow IT and why it happens. Training and ensuring existing processes work for the needs of your staff is also critical.”

ImmuniWeb’s Kolochenko added: “Even experienced software developers may carelessly deploy a container, with production data, in a cloud to experiment with some new features, eventually forgetting about it, let alone non-technical users with their home computers used for business or mobile devices.”