Apps That Violate IT Policy – What and How?

Cloud Report

Apps That Violate

Over the last two days we’ve looked at  whether or not Shadow IT is a opportunity or a threat, and the security risks that unapproved apps pose to businesses and organisations. To conclude the mini-series, today we look at a new report that’s been released by Netskope. The ‘Netskope Cloud Report’ typically compiles the most interesting trends on cloud app adoption and usage based on aggregated, anonymised data from the Netskope Active Platform.

The key theme in the Q3 report for 2014 is how mobile devices have been using the cloud. They note that more than half of all ‘send’ or ‘approve’ activities occur on mobile, and a shockingly high number of activity-based policy violations also occur on the platform. The most frequent offenders aren’t social, but largely “prosumer” apps – demonstrating that IT departments are still finding it difficult to move employees on to a single, approved app for a single, specific purpose.

Enterprise Ready

In total, businesses are using on average a mammoth 579 cloud apps, of which a worryingly high 88.7 percent are not enterprise ready – failing to meet standards in either security, auditability, or business continuity. To reinforce the belief that Shadow IT is spiralling out of control, Netskope cite one business which used more than 3,000 apps. As we discussed on Monday, this is a huge problem for IT departments, especially given more than one-third of all policy violations are currently occurring via mobile apps.

With the exception of ubiquitous apps such as Dropbox and Evernote, line-of-business apps are the most common. Marketing apps are the most common (60 per business), then human resources (36), finance/accounting (29), and CRM (24). Of those apps, the threat posed to an organisation’s security is vast – 98 percent of marketing apps are not enterprise ready, 96 percent of HR, 98 percent of finance and 91 percent of CRM.

Policy violations can take many forms – ranging from downloading personally-identifiable information from an HR app to a mobile device, to alerting when users share documents in cloud storage apps with someone outside of the company. With 44 percent of all download activities occurring on mobile devices, and with 40 percent of all sharing happening via mobile, it’s quickly apparent why IT departments struggle to track, update and manage the Shadow IT within an organisation.

In terms of the apps with the largest volume of policy violations, the top five categories which offend most frequently are cloud storage, CRM, collaboration, HR, and finance. From these categories, the five activities which most frequently constitute policy violations are logins, views, downloads, edits and uploads.

Top 10 App Violators

The top ten apps that violate IT policy were also highlighted in the report. The high usage of these apps by employees should provide yet another serious concern for IT departments.

NS-Cloud-Report-Oct14-IG-00_001

By Dan Price

Jen
VoIP and PBX Phone Systems The cloud is already providing businesses with such a range of advanced tools and services, optimizing communication across channels, improving global cooperation, and supporting collaboration between teammates and partners both ...
Internet Security
Firefox introduces Enhanced Tracking Protection for Desktop Users Great news for Mozilla Firefox users as the internet browser rolled out its latest tracking protection features that make web surfing a lot safer. The new Enhanced ...
Gary Bernstein
Servant Leader In The Tech Industry Being a successful leader in business isn't easy. You must make difficult decisions, motivate your team, and keep everything organized. But what if there was an easier way? What ...
Gary Bernstein
Secure Remote Authentication When employees are working remotely, they need to be able to access company resources and applications just as if they were in the office. This means that remote authentication needs to be ...
Jen Klostermann
Why Marketing Is Important Those who ask themselves why marketing is important. Lets first start with Big Data. Big Data and its enhanced usefulness through advancing predictive analytics has changed the marketing game forever, and ...