Security: Financial Services

Casting Light on Shadow IT


A large Financial Services client was interested in understanding how many of their IT applications were sanctioned and how many were considered "Shadow IT". In addition, they also wanted to know how much of Shadow IT was anchored in the Cloud.


  • Conducted a Shadow IT assessment by installing an application that looked at their proxy server

  • Uncovered over 700 Cloud applications being run in the Client environment over the two week assessment

  • This included roughly 10 applications that were compromising financial data into a public Cloud application

  • Rationalized through the list of Cloud application and provided the Client with direction on how to manage their unauthorized portfolio of Cloud applications

  • This included sun-setting Cloud apps and standardizing on some of the Cloud applications

Client Outcome

The Client received immediate value by disengaging the use of Cloud applications identified as risky. The Client then worked with WorldLink to standardize on some of the Cloud solutions like ECM, storage, and P & Iaas usage. WorldLink implemented the Cloud usage discovery tool as a part of the security tool portfolio, providing a continuous Cloud monitoring capability.


  • 700 cloud applications in the environment

  • 10 applications determined "at-risk"

  • Client received immediate value