Detection of Shadow IT Incidents for Centralized IT Management in Enterprises using Statistical and Machine Learning Algorithms

Author:

KUTSAL Mücahit1ORCID,DAŞ Bihter2ORCID,AŞKAR ZiyaORCID,GÜVERCİN Ali NecdetORCID,DAŞ Resul2ORCID

Affiliation:

1. University of Gdańsk

2. FIRAT ÜNİVERSİTESİ

Abstract

Software as a Service (SaaS) is a software service where software solutions are offered to users via the internet, usually subscription-based or sometimes opened to access by selling a license key, distributed over the cloud, and updates are automatically delivered to users because they are distributed over the cloud. The number of SaaS provider companies is increasing day by day, and with this increase, unauthorized purchase of SaaS applications has become a problem for corporate-sized companies. Without the company's approval, SaaS software and hardware used by employees increase Shadow IT which means there is a potential risk of security breaches, data loss, and compliance issues as the IT department is unaware of the usage and unable to monitor and control the systems effectively. In this study, in order to avoid the problems that may be caused by Shadow IT, unauthorized SaaS applications in Arçelik Global have been detected by utilizing statistical and machine learning approaches. In the experiment, Interquartile Range, K-Means and Stabilization algorithms were used for the detection of unauthorized SaaS applications. Using all three algorithms, low, medium and high-risk shadow IT detection was made for Arçelik company. We see that the proposed stabilization approach explores unauthorized SaaS applications much more distinctively than the other two algorithms. The proposed approach can be used in the future to detect unauthorized software from other companies.

Publisher

INESEG Yayincilik

Subject

General Earth and Planetary Sciences

Reference36 articles.

1. [1] Haag, S.; Eckhardt, A. Shadow IT. Bus Inf Syst Eng. 2017, vol. 59, no. 6, pp. 469–473, doi: 10.1007/s12599-017-0497-x.

2. [2] Györy A.; Cleven A.; Uebernickel F.; Brenner W. Exploring the shadows: IT governance approaches to user-driven innovation. In: Proceedings of the 20th European Conference on Information Systems. 2012, Barcelona.

3. [3] Segal M. Dealing with the realities of shadow IT. In: Datacenter J. http://www.datacenterjournal.com/dealing-realities-shadow/. Accessed 22 Nov. 2016.

4. [4] Brancheau J.C; Brown, C. The management of end-user computing: Status and Directions. ACM Computing Surveys, 1993, vol. 25, no. 4, pp. 437–482.

5. [5] Klotz, S.; Kopper, A.; Westner, M., Strahringer, S. Causing factors,outcomes, and governace of Shadow IT and business-managed IT: a systematic literature review. International Journal of Information Systems and Project Management. vol.7, no.1, 2019.

同舟云学术

1.学者识别学者识别

2.学术分析学术分析

3.人才评估人才评估

"同舟云学术"是以全球学者为主线,采集、加工和组织学术论文而形成的新型学术文献查询和分析系统,可以对全球学者进行文献检索和人才价值评估。用户可以通过关注某些学科领域的顶尖人物而持续追踪该领域的学科进展和研究前沿。经过近期的数据扩容,当前同舟云学术共收录了国内外主流学术期刊6万余种,收集的期刊论文及会议论文总量共计约1.5亿篇,并以每天添加12000余篇中外论文的速度递增。我们也可以为用户提供个性化、定制化的学者数据。欢迎来电咨询!咨询电话:010-8811{复制后删除}0370

www.globalauthorid.com

TOP

Copyright © 2019-2024 北京同舟云网络信息技术有限公司
京公网安备11010802033243号  京ICP备18003416号-3