A report identified that several of a company's SaaS applications are against corporate policy.
Which of the following is the MOST likely reason for this issue?
A report identified that several of a company's SaaS applications are against corporate policy.
Which of the following is the MOST likely reason for this issue?
The most likely reason several of a company's SaaS applications are against corporate policy is Shadow IT. Shadow IT refers to the use of software, applications, or devices by employees without explicit approval from the organization's IT department. When employees adopt unauthorized SaaS applications, it often leads to non-compliance with corporate policies due to lack of oversight and security considerations.
Shadow IT is the use of IT-related hardware or software by a department or individual without the knowledge of the IT or security group within the organization. It can encompass cloud services, software, and hardware. https://www.cisco.com/c/en/us/products/security/what-is-shadow-it.html#~how-shadow-it-works
Sensitive data makes no sense for the answer. Shadow IT fits best
Shadow IT is any software, hardware or information technology (IT) resource used on an enterprise network without the IT department’s approval, knowledge or oversight. - As already stated, not even in the objectives.... why CompTIA? Why?
"company's SaaS applications" are against corporate policy. The applications themselves are against the policy. Shadow IT can be fixed by increasing security and therefore the SaaS Applications don't have to be against corporate policy. If the SaaS Applications are designed for use with Sensitive data. And that usage isn't allowed it can make the Apps them selves against corporate policy as the company may not have the rights to use that data (privacy laws.. ex. HIPPA).
It might be, however shadow anything doesn't appear in the CompTIA exam objectives so I don't think it is the answer