Whether you know it or not, like it or not, you are now a party to it. Imagine a junior doctor sending a patient’s x-ray in a chatbot to his senior to take her opinion on the case (you don’t have to imagine this, it is happening).Ī large organization may take months to sign an agreement with a vendor, but it does not know how many times someone pressed the “I Agree” button on its behalf to agree to far more onerous and one-sided terms, it does not know if the person had the authority to do so. You make rules as to what you will type or say in this chatbot and carefully avoid supplying confidential data but you cannot control (you may advise, at best) what the other person types – names, email addresses, company documents, account numbers, credit card numbers, SSNs – and while you may meticulously avoid capturing it in your systems, the intermediaries have collected it and you cannot prohibit them from doing so or using it for any purpose they want. Starts innocuously enough (just the way shadow IT began) but in enabling it, someone signed up to a whole bunch of intermediaries, including open source and free projects, that capture everything you and your customer types or says, converts text to speech or vice versa and do many more things. Let us take a simple example. A business team enables a simple chatbot conversation with its customers to have on-going discussions. Not that they are deliberately misusing such data (though many are) and simply may not be geared to protect it in a manner that allows you to ensure its security across the entire chain. ![]() While the interest and speed of business users is certainly an important reason, a more important reason is that many intermediaries gather the data (on your behalf but this gets very tricky very soon) from your customers or partners and you have almost no control over what they do with that data or how securely they store it. ![]() Shadow analytics is the data collected (in some cases), analyzed, utilized and shared (knowingly or otherwise) by business users outside the known boundaries of the organization. For the want of a better term, it is referred to as Shadow Analytics. The problem is resurfacing in a more sinister avatar now. New technologies like network discovery and management helped organizations put their technology house in order, or at least bring the rogue ones inside the house, in a manner of speaking. Shadow IT brought many large organizations to their knees and after a long period of turbulence, organizations got some semblance of control of their shadow IT. It was all great till it was not and when something went wrong, no one knew whose baby it was! The ‘super users’ were no doubt ‘super’ but still ‘users’, debugging, tracing and patching code was not their forte and the folks that did this had no clue what that system was all about. Both the machines and the men and women behind them grew exponentially to do complex stuff with advanced math, macros and formulae, started extracting data from the back-end databases to do stuff in days that a typical IT project would have taken months, if not shot down altogether. They started with simple ‘office’ stuff such as word processing, tabular data and graphics and everyone was happy. ![]() Remember the days of Shadow IT? With the proliferation of personal computers, PCs appeared on every desk. ![]() It does not appear to be a problem – in fact is desirable – except when your title is the CISO. Business users are envisioning newer applications of these technologies every day and doing incredible things to win in the marketplace. Deep learning, AI, Analytics, IoT, social media – the good stuff that is separating the winners from the losers is pervasive.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |