Apps That Violate IT Policy – What and How?

Cloud Report

Apps That Violate

Over the last two days we’ve looked at  whether or not Shadow IT is a opportunity or a threat, and the security risks that unapproved apps pose to businesses and organisations. To conclude the mini-series, today we look at a new report that’s been released by Netskope. The ‘Netskope Cloud Report’ typically compiles the most interesting trends on cloud app adoption and usage based on aggregated, anonymised data from the Netskope Active Platform.

The key theme in the Q3 report for 2014 is how mobile devices have been using the cloud. They note that more than half of all ‘send’ or ‘approve’ activities occur on mobile, and a shockingly high number of activity-based policy violations also occur on the platform. The most frequent offenders aren’t social, but largely “prosumer” apps – demonstrating that IT departments are still finding it difficult to move employees on to a single, approved app for a single, specific purpose.

Enterprise Ready

In total, businesses are using on average a mammoth 579 cloud apps, of which a worryingly high 88.7 percent are not enterprise ready – failing to meet standards in either security, auditability, or business continuity. To reinforce the belief that Shadow IT is spiralling out of control, Netskope cite one business which used more than 3,000 apps. As we discussed on Monday, this is a huge problem for IT departments, especially given more than one-third of all policy violations are currently occurring via mobile apps.

With the exception of ubiquitous apps such as Dropbox and Evernote, line-of-business apps are the most common. Marketing apps are the most common (60 per business), then human resources (36), finance/accounting (29), and CRM (24). Of those apps, the threat posed to an organisation’s security is vast – 98 percent of marketing apps are not enterprise ready, 96 percent of HR, 98 percent of finance and 91 percent of CRM.

Policy violations can take many forms – ranging from downloading personally-identifiable information from an HR app to a mobile device, to alerting when users share documents in cloud storage apps with someone outside of the company. With 44 percent of all download activities occurring on mobile devices, and with 40 percent of all sharing happening via mobile, it’s quickly apparent why IT departments struggle to track, update and manage the Shadow IT within an organisation.

In terms of the apps with the largest volume of policy violations, the top five categories which offend most frequently are cloud storage, CRM, collaboration, HR, and finance. From these categories, the five activities which most frequently constitute policy violations are logins, views, downloads, edits and uploads.

Top 10 App Violators

The top ten apps that violate IT policy were also highlighted in the report. The high usage of these apps by employees should provide yet another serious concern for IT departments.

NS-Cloud-Report-Oct14-IG-00_001

By Dan Price

Ajay

Explainable Intelligence Part 1 – XAI, the third wave of AI

Explainable Intelligence Artificial Intelligence (AI) is democratized in our everyday life. Tractica forecasts the global artificial intelligence software market revenues will grow from around 9.5 billion US dollars in 2018 to an expected 118.6 billion by 2025 ...
Martin Mendelsohn

Who Should Protect Our Data?

Who Should Protect Our Data in The Cloud? You would think that cloud service providers are safe havens for your personal data – they all have a ‘security’ component embedded into their offerings and claim ...
Employees Digital

A Winning Data Strategy Series Part 1: Off to a Faulty Start

A Winning Data Strategy Series This is the first piece of a 5-part series on plugging the obvious but overlooked gaps in achieving digital success through a refined data strategy. Everyone is aiming for stellar ...
Figure4

DevOps – Secure and Scalable CI/CD Pipeline with AWS

Secure and Scalable CI/CD Pipeline According to Gartner, a leading research company, worldwide public cloud revenue will grow by 17.3 percent in 2019. Total spending on IT infrastructure products (server, enterprise storage, and Ethernet switches) ...
Ian Hayes

EasyShip – Shipping and delivering across the cloud

The Shipping Industry  Article branded by Easyship Shipping and delivering across the world is as hectic as it sounds, and it can get really chaotic for online businesses to keep track, especially if they sell ...
Bruce Guptill

As The Digital Workplace Strengthens, Traditional Business Thinking Must Die

The Digital Workplace The cloud-driven, digital workplace is enabling better ways of working, new ways of doing business, and entirely new business opportunities. It is also breaking down traditional boundaries and barriers within and between ...