Enterprise Security Weekly (Audio)

The Illusion of Control: Shadow IT, SSO Shortcomings, and the True Path to Security - Dave Lewis - ESW #413

Jun 30, 2025
In this engaging discussion, Dave Lewis, Global Advisory CISO at 1Password, dives into the pitfalls of relying on SSO for security, exposing the lurking threats of shadow IT. He highlights real-world security failures and the human tendency to bypass controls for convenience. The conversation shifts to the looming impact of AI on jobs, tackling fears and misconceptions about automation. Lewis also advocates for tailored security solutions and user-centric practices to bolster enterprise defenses against evolving cyber threats.
INSIGHT

SSO Illusion and Limitations

  • Single sign-on (SSO) creates an illusion of security but often leaves gaps due to partial adoption and shadow IT.
  • The cost and complexity of implementing SSO across all apps limit comprehensive coverage, leaving vulnerabilities behind.

ADVICE

Use User-Friendly Extended Access Management

  • Adopt extended access management to protect credentials created outside traditional SSO.
  • Provide user-friendly security tools designed for non-experts to reduce risky behavior and simplify password management.

INSIGHT

User Behavior Fuels Shadow IT

  • Shadow IT thrives as users find workarounds to inconvenient security controls.
  • User behavior drives security risks more than technology can address alone.