Self-service IT is one of the most frustrating dangers for IT professionals to encounter today. Many employees — rather than connecting with their IT help desk — instead decide to try to solve their problems on their own. Though this can create a faster solution, it usually involves security workarounds and other issues that could potentially leave the network vulnerable to intrusion. Even worse, self-service IT tends to proliferate when it does occur; employees will spread their solutions and fixes around the office, thereby compromising the entire infrastructure.
Educate the Employees
Employees often don’t realize that they could be compromising system security when they operate a third-party application. Not only do employees need to understand the inherent dangers of self-service IT, but there also needs to be a clear outline of what will happen to employees that don’t follow the rules and restrictions regarding third-party applications and other non-approved IT solutions. Otherwise employees may not understand the full gravity of the situation. Employee mistakes account for virtually all of the security breaches throughout most businesses.
Monitor the Help Desk
Employees tend to reach for self-service solutions more often if they feel that the help desk is ignoring them. It’s important that tickets be cleared as quickly as possible through the help desk and that the help desk follows up afterwards. Analytics should be used to determine whether the company’s help desk is actually functioning as it should. How long does it take for a ticket to be cleared? How many interactions are required for a single problem to be solved? Are certain issues recurring?
Talk to the Employees
Employees often have minor frustrations regarding the network and how it operates. This will always happen — the problem is when the network and software solutions become prohibitive to their work. Talk to employees about what could potentially be holding them back from fulfilling their work obligations. They may be able to point to certain aspects of the software system that they’re being forced to work around.
Analyze the Network
In addition to the above, companies will need to maintain a unified threat protection system and comprehensive network analysis to protect them from IT gone rogue. One of the easiest ways to detect the use of third-party applications is to look for suspicious network traffic, such as connections from an unidentified party. IT professionals have to be continuously vigilant today if they are to secure their network against third-party applications, mobile devices, and even the actions of their own employees.
In general, protecting against self-service IT is a matter of educating employees and ensuring that self-service IT itself remains unnecessary. As long as employees have issues standing in the way of accomplishing their work, they are going to seek to work around these issues; it’s only human nature. Employees need to both have the dangers of self-service IT impressed upon them and be disinclined to attempt it.