By the beard of Neptune, the SS Auvik has survived the first storm and evaded the DocuKraken - but we’ve got a ways to go yet!
*** Remember, sailors - each week, we are giving away awesome pirate swag as we sail closer to golden SysAdmin Day treasure*!
But hold on to your spyglasses, because a new foe is emerging from the fog… Shadowbeard. 
They say this ghastly ghoul leaves a trail of SaaS chaos in every IT crew he curses. Shadow IT is his weapon of choice, flooding networks with unmonitored apps and sinking network security.
But don’t let that shiver your timbers!
The Pirate Code of IT charts a clear course through the fog, helping you uncover ghost apps, reclaim control of your stack, and send Shadowbeard back to the depths.
Claim your free copy of the Code and light the lantern of visibility… Savvy?
What is the most unexpected Shadow IT discovery you’ve made, and how did you handle it?
Disclaimer: All SpiceHeads are eligible to receive the Pirate Code, but only those in the US and Canada can be entered for the prize giveaways.
8 Spice ups
tb33t
(TB33T)
2
After starting at a new company all I did was discovery for the 1st month, then audit what I had found. What I found that was most unexpected was a default group in AD that granted all users domain admin rights by mistake. I believe it was supposed to only be managers to help their employees install software but was grossly misconfigured. I immediately removed the nested group and let my manager, the CIO, know what I had found and the risk that was mitigated. Who knows how long that was sitting there like that. Yikes!
5 Spice ups
Similar to your finding, I found that the “private” directory was shared to the “Everyone” built in group, meaning that everyone had read-access (or higher in some cases) to even the most sensitive of folders, if they knew enough to backtrack to the level above to see the whole Private directory. Even better, all of the folders were granted secure access by directly adding the user to the folder instead of a security group (there were some that had groups, but all the users in the group were also directly added to the folder) and in several instances, multiple end users had “Full” control of whole directories!!
4 Spice ups
mmalone
(Mmalone)
4
We had a number of employees using ILovePDF to split and merge PDFs. The irony was that almost all of them has Adobe Acrobat installed on their systems. Solution: we blocked the site.
5 Spice ups
ajason
(aJason)
5
I once found one of our users using a VPN to get around the firewall settings. He was having the company pay the monthly bill for the VPN. Once I found out, I asked upper management why we were paying to bypass security measures that we were paying for as well. I ended up setting up a content filter for all VPNs that were not part of our known network. (As well as got the VPN subscription canceled.)
4 Spice ups
Again with domain admin access. Prior to my arrival, the non-IT IT person gave everyone domain admin access because she didn’t want to deal with anything. When I was digging through the old hardware boxes in the closet where the server was stored, I came across 2 HDD’s labeled ransomware infected, do not use. I wonder why. Peachy.
I then thought I had my work cut out for me. After talking to the IT guy they used for the serious stuff that worked at the local ISP on contract here, he was very relieved I was hired and we have become good friends over the years leaning on one another.
4 Spice ups