What is ‘Shadow IT’?
Shadow IT refers to the various web tools informally in use within most organisations. These tools are often chosen without reference to IT or to management in general.
They are often used for all the very best reasons. Your colleagues have work to do, and these tools help them, so they get used. You might know about some because there is a subscription charge, but others might be free.
These tools can be anything from simply keeping lists of tasks to do, sharing information or managing workflows, providing newsletter lists, or recruiting staff. Its endless.
There’s all sorts of web pages out there that your people will be finding useful and will be using.
The question is, do you know what is being used on your behalf?
Even more importantly, do you know who’s got access to them? As your staff come and go, do you know to change passwords or reset user accounts to make sure that no one who has left you (maybe even gone to a competitor) is still able to access your confidential data?
Shadow IT is one of the largest threats to data privacy in organisations today. It’s not necessarily because these sites are going to be hacked, although it’s always possible, but it’s because if you don’t know the tools are in use, then there is no way that you can manage them!
The first step to maintaining this data is to identify them, and that’s why you need new tools that are cloud focused.
If you’re still using the same old security tools that you used prior to the cloud, then you are simply not keeping up and we need to talk!
Here’s a story about what happens if you don’t have this under control: Why you need to know all the cloud services that your organisation uses – IT Solutions and Managed Services (new.kinetics.co.nz/)
Shadow IT is part of our 10-point cyber-security check list
While there is no single layer of technology that can guarantee you will be safe from hackers, you can reduce your risk by adding layers of protection. How many of our 10-point check list are in place for you?
When “Legitimate” Tools Are Used Illegitimately (like booking a meeting time)
Cyber awareness isn’t just about blocking malware — it’s about recognising intent. Recently, we received a callout from a client after a user received what initially appeared to be a genuine business opportunity. The email exchange seemed credible, replies were...
Microsoft Copilot Is Moving From Chatting to Doing
If you’ve been following Microsoft Copilot for a while, you’ll have noticed something important happening. Copilot is no longer just about answering questions or drafting documents. Copilot is getting ready to do real work on your behalf. Two names you’ll hear...
The AI Agent Revolution: What OpenClaw and Paperclip Mean for Your Business
Two open-source AI tools are generating serious buzz in technology circles right now: OpenClaw and Paperclip. You may have seen the names appearing in your LinkedIn feed, or heard them mentioned at a recent industry event. If you're a business owner wondering whether...
Can you really run a business with only virtual staff?
Short answer: yes — in some cases. Longer answer: it depends on what kind of business you’re running, and what “staff” actually means in 2026. We’re seeing a growing wave of businesses experimenting with fully virtual teams — not just remote people, but AI agents...
Could you get into trouble with the law if you lose a USB stick?
A lost USB stick can be a notifiable privacy breach. Here’s why that matters It sounds old school, but USB sticks are still floating around plenty of NZ businesses. A recent draft decision note from the Office of the Privacy Commissioner is a timely reminder...
Copilot Upgrade: Is “Claude” coming to Copilot?
Copilot Upgrade: Welcoming the Sonnet Engine (Claude's engine)A Smarter, Faster Copilot Experience Microsoft has started to roll out the new Sonnet engine across Copilot! This will bring a noticeable improvement in speed, accuracy, and the quality of responses. For...
Additional M365 Security Protection Rolled Out for our KARE Foundation Customers
Turning up your cyber-security Kinetics is busy rolling out an additional security protection for Kinetics KARE Foundation customers only, designed to stop a highly active and sophisticated phishing campaign currently targeting Microsoft 365 environments worldwide. ...
Webinar Replay: What Recent Cyber-Breaches Teach Us About Protecting Your Business
Every cyber-breach tells a story, and the best way to protect your business is learning from others' experiences before they become your own. This isn't about fear—it's about learning. We'll translate real-world breach experiences into practical insights you can apply...
Microsoft Copilot in 2026: Why So Many Businesses Are Taking a Second Look
Think Copilot Was a Let‑Down? It’s Quietly Got Much Better in 2026 If you tried Microsoft Copilot early on and walked away a little underwhelmed, you’re not alone. We heard it a lot last year: “It’s interesting, but it’s not quite there yet.” The thing is that Copilot...
Your (Home/Small Business) Router Could Be Working for Criminals Right Now
Right now, somewhere in the world, a home or office router is quietly routing cybercriminal traffic, and its owner is completely unaware. That's the reality revealed by the discovery of KadNap, a sophisticated malware campaign that has become one of the most...