Apps That Violate IT Policy – What and How?

Cloud Report

Apps That Violate

Over the last two days we’ve looked at  whether or not Shadow IT is a opportunity or a threat, and the security risks that unapproved apps pose to businesses and organisations. To conclude the mini-series, today we look at a new report that’s been released by Netskope. The ‘Netskope Cloud Report’ typically compiles the most interesting trends on cloud app adoption and usage based on aggregated, anonymised data from the Netskope Active Platform.

The key theme in the Q3 report for 2014 is how mobile devices have been using the cloud. They note that more than half of all ‘send’ or ‘approve’ activities occur on mobile, and a shockingly high number of activity-based policy violations also occur on the platform. The most frequent offenders aren’t social, but largely “prosumer” apps – demonstrating that IT departments are still finding it difficult to move employees on to a single, approved app for a single, specific purpose.

Enterprise Ready

In total, businesses are using on average a mammoth 579 cloud apps, of which a worryingly high 88.7 percent are not enterprise ready – failing to meet standards in either security, auditability, or business continuity. To reinforce the belief that Shadow IT is spiralling out of control, Netskope cite one business which used more than 3,000 apps. As we discussed on Monday, this is a huge problem for IT departments, especially given more than one-third of all policy violations are currently occurring via mobile apps.

With the exception of ubiquitous apps such as Dropbox and Evernote, line-of-business apps are the most common. Marketing apps are the most common (60 per business), then human resources (36), finance/accounting (29), and CRM (24). Of those apps, the threat posed to an organisation’s security is vast – 98 percent of marketing apps are not enterprise ready, 96 percent of HR, 98 percent of finance and 91 percent of CRM.

Policy violations can take many forms – ranging from downloading personally-identifiable information from an HR app to a mobile device, to alerting when users share documents in cloud storage apps with someone outside of the company. With 44 percent of all download activities occurring on mobile devices, and with 40 percent of all sharing happening via mobile, it’s quickly apparent why IT departments struggle to track, update and manage the Shadow IT within an organisation.

In terms of the apps with the largest volume of policy violations, the top five categories which offend most frequently are cloud storage, CRM, collaboration, HR, and finance. From these categories, the five activities which most frequently constitute policy violations are logins, views, downloads, edits and uploads.

Top 10 App Violators

The top ten apps that violate IT policy were also highlighted in the report. The high usage of these apps by employees should provide yet another serious concern for IT departments.

NS-Cloud-Report-Oct14-IG-00_001

By Dan Price

Trust Report

Profit-Driving Strategies for 2020, Backed by Data

Profit-Driving Strategies Since 2019 is coming to a close, the time has come for businesses to evaluate what they can do to propel profits in 2020. The vast array of possibilities can make an enterprise's ...
Eddie Segal

Kubernetes on AWS: Tips for Cloud-Native Development

Kubernetes AWS Tips Kubernetes is a container orchestration and management tool that automates container deployment. Kubernetes is mainly used in the cloud. A recent survey by CNCF showed that 83% of organizations deploy Kubernetes on ...
Episode 4: The Power of Regulatory Compliant Cloud: A European Case Study

Episode 4: The Power of Regulatory Compliant Cloud: A European Case Study

An interview with Johan Christenson, CEO of CityNetwork With the world focusing on the big three hyperscalers, there is still room – and much necessity for – more local cloud providers who are better suited ...
Automate Order Fallout Resolution Using Self-healing Framework

Automate Order Fallout Resolution Using Self-healing Framework

Automate Order Fallout Resolution Using Self-healing Framework to Accelerate Resolution Time by 98% Most Digital Service Providers (DSPs) face a common challenge of meeting due dates for their customer orders. The instability and delay in ...
Scott Leatherman

Speeding up Digital Transformation During the Pandemic – 7 Steps to Unlocking the Benefits of Cloud

7 Steps to Unlocking the Benefits of Cloud The pressure for IT leaders to support more workloads and remote staff with limited resources is as contagious as the pandemic. The most powerful tool in their ...
Ronald van Loon

Operationalizing AI at Scale with ModelOps

Scaling with ModelOps Putting artificial intelligence (AI) into production can be a frustrating experience for organizations, one often destined for failure. In fact, only 53% of AI projects actually move past POC and into production ...