SUMMER 2015 WORLDWIDE EDITION CLOUD REPORT. sensitive data in the cloud


CLOUD REPORT SUMMER 2015 WORLDWIDE EDITION sensitive data in the cloud

Report Highlights

- 17.9 percent of all files in enterprise-sanctioned cloud apps constitute a data policy violation.
- 22.2 percent of those violating files are shared publicly.
- More than half of all DLP violations in cloud apps violate a personally identifiable information (PII) or payment card industry information (PCI) policy.
- The average number of cloud apps per enterprise has declined slightly from 730 last quarter, to 715. We believe this is a direct result of IT's efforts to consolidate on sanctioned corporate apps across categories such as Collaboration and Productivity.
- A whopping 91.9 percent of all apps are not enterprise-ready, lacking in the areas of security, audit and certification, service-level agreement, legal, and vulnerability that enterprises require for safe enablement.
- Enterprises are rapidly adopting the Microsoft Office 365 suite, with a 37 and 124 percent quarter-over-quarter usage increase in the for Business (vs. personal) versions of Outlook and OneDrive, respectively.

EXECUTIVE SUMMARY

In this Netskope Cloud Report, we've compiled the most interesting trends on cloud app adoption and usage based on aggregated, anonymized data from the Netskope Active Platform. Report findings are based on usage seen across millions of users in hundreds of accounts in the global Netskope Active Platform, and represent usage trends from March 15-May 31, 2015.

A key area of focus for this report is Data Loss Prevention (DLP) in the cloud. One of the most dramatic findings this quarter is that 17.9 percent of all files in sanctioned apps violate at least one enterprise DLP policy, such as personally identifiable information (PII), payment card industry information (PCI), protected health information (PHI), source code, profanity, and confidential or top secret information. Even more striking is that of those files, 22.2 percent are exposed publicly.

Drilling deeper into DLP policy violations, we find that personally identifiable information (PII) and payment card industry information (PCI) make up more than half of all such violations in cloud apps, at 26.8 and 24.3 percent, respectively. Those are followed by custom confidential or top secret violations, at 16.7 percent.

We saw the average number of cloud apps per enterprise dip slightly from 730 last quarter to 715 this quarter. This aligns with anecdotal feedback from customers that they are beginning to consolidate usage on sanctioned corporate apps and suites such as Office 365, Box, Google Apps for Work, and Dropbox for Business. While the aforementioned cloud apps are enterprise-ready according to the Netskope Cloud Confidence Index [1], 91.9 percent of the cloud apps that are in use are not enterprise-ready, lacking in the areas of security, audit and certification, service-level agreement, legal, and vulnerability that enterprises require for safe enablement.

Further evidence of consolidation efforts in the enterprise can be seen through the growth we have observed in the for business (vs. personal) versions of apps within the Microsoft Office 365 suite. Usage in Office 365 Outlook and OneDrive for Business grew 37 and 124 percent, respectively, in the past quarter.

[1] The Netskope Cloud Confidence Index is a database of thousands of cloud apps that are evaluated on 40+ objective enterprise-readiness criteria adapted from the Cloud Security Alliance, including security, audit and certification, service-level agreement, legal, and vulnerability. The results of the evaluation are normalized to a 0-100 score and mapped to five levels ranging from poor to excellent.

ONE OUT OF FIVE DLP-VIOLATING FILES EXPOSED PUBLICLY

In this report, we drill down into Data Loss Prevention (DLP) policy violations in the cloud. In the Netskope Active Platform, we identify such violations by discovering sensitive content at-rest in sanctioned cloud apps and en route to or from a variety of sanctioned and unsanctioned ones. Enterprises discover cloud content against predefined and custom DLP profiles such as personally identifiable information (PII), payment card industry information (PCI), protected health information (PHI), source code, profanity, and confidential or top secret information.

In discovering content at-rest in sanctioned cloud apps, enterprises globally found that 17.9 percent of all files violate at least one of their DLP policies. Of those DLP-violating files, 22.2 percent are exposed publicly.

What kinds of DLP policy violations happen in the cloud? Among all such violations in our cloud, PII represents the highest occurrence at 26.8 percent. PCI represents the second highest at 24.3 percent, followed by custom confidential or top secret at 16.7 percent.

In what app categories do cloud DLP violations occur? Our research shows that 90 percent occur in, while 7.1 percent occur in Webmail. Other categories include Customer Relationship Management and Sales Force Automation (CRM and SFA), Social, Collaboration, and Productivity. The most common activity associated with such violations is download, followed by upload and post.

We believe that, as enterprises get their arms around the first-order concern about unmanaged file sharing in the cloud, they will begin to turn their attention more to detecting and protecting sensitive data in line-of-business apps like CRM and SFA, Human Resources (HR), and Finance/Accounting.

[Figure: Sensitive data in the cloud. 17.9% of all files in enterprise-sanctioned cloud apps constitute a data policy violation; 22.2% of those are shared publicly. DLP violations by type: PII 27%, PCI 24%, Confidential 17%, Source Code 16%, PHI 12%, Profanity 4%.]

CLOUD APPS PER ENTERPRISE DIPS SLIGHTLY TO 715

This quarter, the average number of cloud apps in use per organization dipped slightly to 715 from 730 last quarter. Based on anecdotal customer feedback, we believe the slight decline is the result of enterprises reining in shadow IT. As IT professionals drive adoption in sanctioned apps via policy and user coaching, the effect is a decline in the number of apps. We are seeing this leveling off occur across nearly every cloud app category, especially in Collaboration and Productivity, both of which are areas of focus for enterprises as they address cloud app sprawl.

In addition to the consumer and prosumer apps that organizations expect to find in use, such as Twitter and Evernote, line-of-business apps are actually the most prevalent. Marketing remains the most prevalent app category, followed by Collaboration, Finance/Accounting, HR, and CRM and SFA. Below are the top 10 categories in terms of number of apps per enterprise. The vast majority of these apps are not enterprise-ready, with 91.9 percent scoring a medium or below in Netskope Cloud Confidence Index (CCI), an objective measure of cloud apps' security, audit and certification, service-level agreement, legal, and vulnerability attributes that have been adapted from the Cloud Security Alliance.

[Figure: average number of cloud apps per enterprise, Worldwide and EMEA]

Category: Marketing, Collaboration, Finance / Accounting, Human Resources, CRM / SFA, Productivity, Software Development, Infrastructure
# per enterprise: 59, 44, 37, 37, 35, 33, 33, 23, 20
% that are not enterprise-ready: 98%, 84%, 95%, 97%, 91%, 73%, 96%, 93%, 86%
IT / Application Management: 18, 84%

DRAMATIC USAGE INCREASE IN MICROSOFT OFFICE 365 SUITE

What are the top-used apps in the global Netskope Active Platform? Apps in the and Social categories dominate the top 20, with a combined 30.5 percent of usage. We define usage as number of distinct app sessions. [2]

One of the most dramatic findings this quarter is the rise in usage within the for business vs. personal apps in the Microsoft Office 365 suite. Neither Office 365 Outlook nor OneDrive for Business was in the top 20 last quarter, and this quarter they occupy the number 8 and 18 spot, with usage per enterprise growing 37 and 124 percent, respectively, from last quarter. We believe that, beyond rapid adoption of the suite, the dramatic growth is owed to enterprise IT directing users to corporate-sanctioned apps via policy and user coaching.

1. Google Drive
2. Facebook (Social)
3. Google Gmail (Webmail)
4. Twitter (Social)
5. YouTube (Consumer)
6. iCloud
7. Google Docs (Productivity)
8. MS Office 365 Outlook.com (Webmail)
9. WebEx (Collaboration)
10. LinkedIn (Social)
11. Dropbox
12. Microsoft OneDrive
13. Salesforce (CRM / SFA)
14. Evernote (Productivity)
15. Box (Storage & Collaboration)
16. HubSpot (Marketing)
17. Amazon CloudDrive
18. MS OneDrive for Business
19. Slack (Collaboration)
20. MS Live Outlook.com (Webmail)

[2] A session is a distinct time period in which a user logs into an app, performs a series of activities, and then ceases to work in the app for a period of time. Existing usage metrics (e.g., HTTP sessions) are often inaccurate because users don't always log out following active usage. Netskope has developed a proprietary heuristic to measure a more accurate period of activity, which we define as a session. Usage is defined as number of discrete sessions.

Top Cloud Activities in the Netskope Active Platform

The top 10 activities in the Netskope Active Platform are send, login, download, view, upload, edit, create, share, delete, and post. There was no marked difference in activities across regions, so we did not separate them. Netskope normalizes these activities across apps within categories and even across categories, so whether a user shares a file from a app or a report from a Business Intelligence one, each of those is recognized as a share activity. The activities are listed here from highest to lowest in occurrence, overall and for the top five categories.

[Figure: top cloud activities. Activities shown: Login, View, Download, Upload, Edit, Create, Send, Delete, Share, Post]

TOP POLICY VIOLATIONS

Beyond measuring usage and activity, we also look at policy violations within cloud apps. Policies can be enforced based on a number of factors, including user, group, location, device, browser, app, instance, category, enterprise-readiness score, DLP profile, activity, and more. Through data abstraction and normalization of those factors, we're able to discern the apps, categories, and activities surrounding a violation. Policies observed include blocking the download of PII from an HR app to a mobile device, alerting when users share documents in Cloud Storage apps with someone outside of the company, and blocking unauthorized users from modifying financial fields in Finance/Accounting apps.

The five cloud app categories with the highest volume of policy violations include, Webmail, CRM and SFA, Finance/Accounting, Social, and CRM and SFA. The top activities that constituted a policy violation are login, download, send, view, and upload.

Here are the top activities globally that constituted a policy violation per cloud app category, with DLP violations noted where they apply. Just as activities can vary between apps, policy violations involving those activities can vary. For example, a policy violation involving downloading from a app can be the improper downloading of a non-public press release, whereas in a CRM/SFA app it could signal theft of customer data by a departing employee.

[Table: top policy-violating activities per app category. Categories shown: Social, Webmail, CRM and SFA, Application Suite, Collaboration, Productivity, Security, HR, Software Development. Columns: Login, Upload, Download, Share, Send, View, Delete, Create, Failed Login, Post, DLP Policy Sensitivity. Legend: 1 indicates the highest occurrence of policy-violating activity for the category; a dash indicates the activity is not relevant to the category; a marker indicates the policy violation included a data loss prevention profile.]

THREE QUICK WINS FOR ENTERPRISE IT

Based on this quarter's findings, here are some quick wins for enterprise IT to enable cloud apps while minimizing exposure:

1. Discover sensitive content in your sanctioned apps and eliminate public access. Notify internal collaborators.
2. Consolidate on popular apps that are also enterprise-ready. Use app discovery as a guide, and get there with user coaching.
3. Enforce your cloud DLP policies on high-probability activities in apps containing sensitive data. Start where most violations occur: uploads and downloads in.

2015 Netskope, Inc. All rights reserved. Netskope is a registered trademark and Netskope Active, Netskope Discovery, Cloud Confidence Index, and SkopeSights are trademarks of Netskope, Inc. All other trademarks are trademarks of their respective holders. 06/15 RS-68-1