Security Nightmare For IT Departments
Netskope have today released the findings of their quarterly ‘Cloud Report’. The report, which complies the foremost trends on cloud app adoption and usage, discovered the emergence of several new trends. Chief among them was the ever-increasing number of apps that enable some kind of sharing and the security concerns which accompany them.
Sharing has traditionally been considered as something primarily done through cloud storage apps (where for every one upload there are three shares), however, the report notes that one out of every five apps in used on Netskope’s cloud app analytics platform (the ‘Netskope Active Platform’) now has sharing enabled. Additionally, forty nine of the fifty five app categories which the company track had sharing features.
The report found that top ten (non-storage) most frequently used apps for sharing were, in decreasing order, Facebook, Salesforce, Yammer, LinkedIn, Workday, Evernote, Zoho, QuickBooks, Trello and Concur. Sharing of this nature is a security nightmare for IT departments – although they are the ones who are responsible for protecting businesses against online threats, they often lack any useful insight into which apps are running in their environments, which of those apps allow sharing, and whether their data is being uploaded through those apps…
The varying context and content of sharing means it can either be a very risky or very benign procedure. At the bottom end of the scale is something as simple as sharing a photograph, whereas at the more worrying end of the scale is company executives accidentally sharing confidential information, accountants giving an organisation’s financial details to media outlets or other company ‘insiders’ providing non-public data to unauthorised personnel.
Netskope CEO Sanjay Beri commented on this growth of sharing upon the release of the report, “There’s been a considerable increase in usage of apps that include sharing functionality – many of which are unsanctioned”. Adding, “this goes beyond traditional cloud storage apps; more and more, employees are sharing sensitive data through these apps and introducing new security and compliance challenges to enterprises. The good news here is that IT is increasingly aware of this phenomenon and taking steps to effectively monitor all apps being used in the network to neutralize these issues”.
Elsewhere, the report also found that enterprises are continuing to adopt cloud apps at a growing rate – the average number in use per business grew to 508 in this quarter, up from 461 last quarter. Despite the positive growth news, a more worrying fact to come to light was that a vast number of the apps in use were not enterprise ready (88.4 percent), and these apps accounted for 73.6 percent of total app usage. It’s something we looked at in detail at the start of June and it seems little has changed – in fact, both figures are up on last quarter.
Finally, it was noted that the most frequent cloud app activities that constituted policy violations were logins, downloads, edits, views and creating. Apps falling in the categories of CRM, HR, finance and storage the most regular offenders – though it was noted that what could constitute a policy violation could vary between categories.
By Daniel Price