Shadow-IT system and insider threat: An assessment of an opportunity dimension for the identity theft

Abstract

Shadow IT is taken as a key example of unauthorized use of IT resources/tools and is defined as collaborative systems for communication and sharing content among employees of an organization. Currently, organizations are struggling to understand the threats to their sensitive information assets and the necessary means to combat them. This research study seeks to understand such specific threats posed by insiders in an organizational context that facilitate such unauthorized use of Information technology. Using a survey design, this document systematically attempts to measure the fraud risk to Personally Identifiable Information (PII) as identity (ID) theft from insiders in varying security environments. By integrating the opportunity dimension, as explained in a fraud triangle, and the organizational context of insider threat to sensitive information, this research will present a theoretical model that may help explain the relationship between the various aspects of Shadow-IT system and the potential opportunity for the fraudulent behavior from respective shadow users.