• Skip to primary navigation
  • Skip to main content
  • Skip to footer

Cisco Umbrella

Enterprise network security

  • Free Trial
  • Contact us
  • Blog
  • Login
    • Umbrella Login
    • Cloudlock Login
  • Products
    • Product
      • Cisco Umbrella Cloud Security Service
      • Cisco Umbrella Investigate
      • Product Packages
      • Support Packages
    • Functionality
      • DNS-Layer Security
      • Secure Web Gateway
      • Cloud Access Security Broker (CASB)
      • Interactive Intelligence
      • Cloud-Delivered Firewall
    •  
    • Webinar signup
  • Solutions
    • By Need
      • Protect Mobile Users
      • Fast Incident Response
      • Web Content Filtering
      • Shadow IT Discovery & App Blocking
      • Unified Threat Enforcement
      • Reduce Security Infections
      • Secure Direct Internet Access
      • Securing Remote and Roaming Users
    • By Network
      • Protect Guest Wi-Fi
      • SD-WAN Security
      • Off-Network Endpoint Security
    • By Industry
      • Higher Education Security
      • K-12 Schools Security
      • Healthcare, Retail and Hospitality Security
      • Enterprise Cloud Security
      • Small Business Cybersecurity
      • Our Customers
      • Customer Stories
    • Ransomware Defense for Dummies book
  • Why Us
    • Fast Reliable Cloud
      • Cloud Security Infrastructure
      • Cloud Network Status
      • Cloud Network Activity
      • Recursive DNS Services
      • Top Reasons to Trial
      • Getting Started
    • Unmatched Intelligence
      • Cyber Attack Prevention
      • Interactive Intelligence
    • Extensive Integrations
      • IT Security Integrations
      • Hardware Integrations
      • Meraki Integration
      • Cisco SD-WAN
    • Navigation-dropdown-promo-free-trial_102820
  • Resources
    • Content Library
      • Top Resources
      • Analyst Reports
      • Case Studies
      • Customer Videos
      • Datasheets
      • eBooks
      • Infographics
      • Solution Briefs
    • International Documents
      • Deutsch/German
      • Español/Spanish
      • Français/French
      • Italiano/Italian
      • 日本語/Japanese
    • Cisco Umbrella Blog
      • Latest Posts
      • Security Posts
      • Research Posts
      • Threats Posts
      • Product Posts
      • Spotlight
    • For Customers
      • Support
      • Customer Success Hub
      • Umbrella Deployment Hub
      • Customer Success Webinars
      • What’s New
      • Cisco Umbrella Studio
  • Trends & Threats
    • Market Trends
      • Rise of Remote Workers
      • Secure Internet Gateway (SIG)
      • Secure Access Service Edge (SASE)
    • Security Threats
      • Ransomware
      • Cryptomining Malware Protection
      • Cybersecurity Threat Landscape
    •  
    • 2020 Cybersecurity trends
  • Partners
    • Channel Partners
      • Partner Program
      • Become a Partner
    • Service Providers
      • Secure Connectivity
      • Managed Security for MSSPs
      • Managed IT for MSPs
    •  
    • Become a partner
  • Free Trial Signup
  • Umbrella Login
  • Cloudlock Login
  • Contact Us
Spotlight

Cloud Services Report: A Big Ally Against Shadow IT and IoT

By Owen Lystrup
Posted on June 4, 2015
Updated on April 15, 2020

Share

Facebook0Tweet0LinkedIn0

Last year was a big year for software vulnerabilities. More security flaws were reported in 2014 than ever. Of the more than 7,000 vulnerabilities added to the National Vulnerability Database, an estimated 83 percent of them were found in third-party software. And this trend is likely to continue in 2015.

Combined with the fact that it can be incredibly hard to get insight into what unsanctioned tools and cloud services employees use on a regular basis, enterprise IT teams have good reason to be worried. Without insight, it’s difficult to track data exfiltration, or know when employees may need to reset a password because of a hack affecting a third-party tool.

The good news is, if you subscribe to an OpenDNS Umbrella package, you already have access to a report that can show what services and Internet enabled devices are in your network environment, and even tie these devices to a user.

Report Summary
The Cloud Services Report provides a snapshot summary and in depth usage logs.

The worry on behalf of IT teams is what prompted OpenDNS to develop a cloud services discovery tool, which the San Francisco security company released August of 2014. Director of Engineering Dave Cornell and his team saw an opportunity to provide OpenDNS customers with an unprecedented insight into their network environments and what third-party cloud and SaaS tools employees were using.

“Originally we called it the Shadow IT report,” Cornell said in an interview. “The problem we’re solving is that organizations a lot of times don’t know what tools employees are using. They’ll use whatever tool makes their job easier, condoned or not.”

Discovery Now Includes IoT

OpenDNS estimates that its global data centers handle two percent of the world’s DNS requests, which includes cloud services and IoT traffic passing through enterprise networks. Leveraging such a vast knowledge of the Internet the company is able to correlate traffic to cloud app usage like DropBox in near real time. OpenDNS this week released the 2015 Internet of Things in the Enterprise Report, and in conjunction Cornell and his team added a new category to the Cloud Services Report specifically for IoT.

This means IT admins or security professionals auditing for internal security threats can easily determine if the Samsung Smart TV in the conference room down the hall is making calls to Korea, even when not in use.

Considering the risks that come with IoT, and how pervasive they’re becoming in the enterprise, being able to tie network activity from IoT devices–and cloud services in general for that matter–to an employee identity could be incredibly valuable for IT and security professionals short on time.

InternetOfThings Report
The Cloud Services Report can provide a list of active Internet enabled devices in your network.

Easy Deployment and Off-Network Reporting

Cornell says the Cloud Services Report borrows two distinct benefits from Umbrella. One is easy deployment, since the report is included with the existing Umbrella packages, and uses the data OpenDNS already sees as a result, there’s no extra work needed on behalf of IT or InfoSec teams. Once DNS requests are logged, the cloud report will do its work.

The other advantage, Cornell said, is off-network reporting. Many existing cloud reporting tools work through proxies and get data from perimeter appliances like firewalls and IDS. Working with appliances and connecting data to a cloud report can be complex, but it also means they will not be able to catch activity once a device leaves a company’s network perimeter.

It’s Not All FUD

It’s important to note that the report’s most useful applications are not only blocking or preventing certain traffic or employee behavior. It’s also a powerful tool when justifying an IT budget, gauging use of deployed apps, or building a case to sanction a cloud solution employees already use.

Cornell states that IT leaders who make use of the report will be able to draw conclusions based on actual usage. Wondering if your team prefers Webex or Google Hangouts? Take a look at the report and see what employees are using already.

Useful Even When Not Proactive

Security professionals, much as they would like to, don’t have a crystal ball. Unfortunately this means working frantically after a breach has occurred. And if it’s a third-party that had a breach, it can be even harder determining whose login credentials or data may have been compromised. The first step is determining who uses that third-party service.

According to Cornell, this is a powerful use for the Cloud Services Report. “Say company X has a cloud service and had a major data breach,” he said. “And say all customer account logins were exposed. System administrators can use this report to find who was using this service, and advise them to change passwords.” He added that because the tool records activity in near real time, reaction times to ongoing breaches or announcements from third parties can drop significantly.

If you are not a current subscriber and would like to experience the Cloud Services Report and find out what cloud tools and IoT devices your employees are using, Cisco Umbrella allows access through a free trial.

Previous Post:

Previous Article

Next Post:

Next Article

Follow Us

  • Twitter
  • Facebook
  • LinkedIn
  • YouTube

Footer Sections

What we make

  • Cloud Security Service
  • DNS-Layer Network Security
  • Secure Web Gateway
  • Security Packages

Who we are

  • Cisco Umbrella Blog
  • Cloud Network Status
  • Cloud Network Activity
  • OpenDNS is now Cisco Umbrella

Learn more

  • Events
  • Careers
  • Support
  • Cisco Umbrella Live Demo
  • Contact Sales
Umbrella by Cisco
208.67.222.222+208.67.220.220
2620:119:35::35+2620:119:53::53
Sign up for a Free Trial
  • Cisco Online Privacy Statement
  • Terms of Service
  • Sitemap

© 2021 Cisco Umbrella