Netskope Cloud Report



Similar documents
APRIL CLOUD REPORT. Netskope Cloud Report Worldwide

APRIL CLOUD REPORT. Netskope Cloud Report for Europe, Middle East, and Africa

Netskope Cloud Report. Report Highlights. cloud report. Three of the top 10 cloud apps are Storage, and enterprises use an average of 26 such apps

How To Read Cloud Adoption And Risk Report From Cloudtrust

SAFELY ENABLING MICROSOFT OFFICE 365: THREE MUST-DO BEST PRACTICES

CLOUD ADOPTION & RISK REPORT

Table of Contents CLOUD ADOPTION RISK REPORT INTRODUCTION...2 SENSITIVE DATA IN THE CLOUD...3

Assessment & Monitoring

CLOUD ADOPTION & RISK IN GOVERMENT REPORT

CLOUD SECURITY. Rafal Los. Renee Guttmann. Jason Clark SOLUTION PRIMER. Director, Information Security, Accuvant

Cloud Adoption & Risk Report Q3 2013

THEODORA TITONIS VERACODE Vice President Mobile

These materials are 2015 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.

You simply need to define your flows and triggers; Built.io Flow will do the rest for you.

1 CA SECURITY SAAS VALIDATION PROGRAM 2015 ca.com. CA Security SaaS Validation Program. Copyright 2015 CA. All Rights Reserved.

Cloud Collaboration: Strategies and Technologies. Bud Porter-Roth Porter-Roth Associates

Storage Made Easy. Cloud File Server Overview

Securing and Monitoring Access to Office 365

Web Protection for Your Business, Customers and Data

The Netskope Active Platform

FROM TACTIC TO STRATEGY:

CLOUD ADOPTION & RISK IN EUROPE REPORT. Q Published Q3 2015

SaaS. A Cost Reduction Strategy or a Source of Strategic Advantage? Paul Selway Solution Architect

HootSuite - G- Cloud Services Description

Top Five Security Must-Haves for Office 365. Frank Cabri, Vice President, Marketing Shan Zhou, Senior Director, Security Engineering

Addressing Information Protection, Privacy & Sovereignty Concerns in Cloud Applications

Six Best Practices for Cloud-Based IAM

WHITE PAPER AUGUST 2014

How cloud computing can transform your business landscape

Office 365 Adoption & Risk Report

Quick guide: Using the Cloud to support your business

Solve the Dropbox Problem with Enterprise Content Connectors. Whitepaper Solve the Dropbox Problem with Enterprise Content Connectors

Fidelis XPS Power Tools. Gaining Visibility Into Your Cloud: Cloud Services Security. February 2012 PAGE 1 PAGE 1

Protecting Your Data On The Network, Cloud And Virtual Servers

CLOUD ACCESS SECURITY BROKERS

HubSpot CRM & Salesforce:

How to select the right Marketing Cloud Edition

Executive s Guide to Cloud Access Security Brokers

Solving Common Sales & Marketing Problems Using Marketing Automation Software (MAS) Presented on 24/9/2014 at SEM Days, Bucharest,

OneDrive in Office 365

Cloud Security: Getting It Right

Cloud Computing Overview

Security Issues with Sharing (Cloud Storage Services) Kalyani Haridasyam EECS710: Information Security and Assurance University of Kansas

Mohammad M Zaman

efolder White Paper: 3 Little-Known Risks Associated with Leading Cloud Services

Securing Content: The Core Currency of Your Business. Brian Davis President, Net Generation

Customer Success Platform Buyer s Guide

OneDrive Using Office Documents

Benefits of using Marketing Automation Software as part of your content marketing strategy

Introduction to Cloud Storage GOOGLE DRIVE

COLLABORATION TRENDS AND TECHNOLOGY

Integration Guide. Enterprise Identity by BlackBerry

Securing Office 365 with MobileIron

Outline. What is cloud computing? History Cloud service models Cloud deployment forms Advantages/disadvantages

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications

HTTPS Inspection with Cisco CWS

Cloud Adoption Practices & Priorities Survey Report

KEVY INTEGRATIONS EXACTTARGET AND CRM

Office365 Adoption eguide. Identity and Mobility Challenges. Okta Inc. 301 Brannan Street San Francisco, CA

Cybersecurity Practices of Ohio Investment Advisers; A Summary of Survey Responses

Marketo. Case Study: Marketo uses Hootsuite to improve lead quality and maintain 93% customer satisfaction. Introduction: Breaking Down Business Silos

Best Practices for What Files Do I Put Where? How to navigate the many options for digital storage

What is OneDrive for Business?

Top Five Ways Any Business Can Benefit from Box

Transcription:

cloud report JUL 2014 Netskope Cloud Report In this quarterly Netskope Cloud Report, we ve compiled the most interesting trends on cloud app adoption and usage based on aggregated, anonymized data from the Netskope Active Platform. A key theme this quarter is sharing in cloud apps. Sharing is an activity most people associate with cloud storage apps, but we found a range of non-storage apps that enable sharing. In fact, 49 out of the 55 categories we track have apps that enable sharing. One out of every five apps in use in our cloud from business intelligence to software development to HR lets users share files, links, reports, or other content. The average number of cloud apps in use per organization grew to 508 this quarter from 461 last quarter. 88.4 percent of those apps aren t enterprise-ready, and 73.6 percent of total usage is in such apps, both up from last quarter. Despite these increases, our observation is that IT is becoming more aware of this issue. In a recent survey1 conducted by the Ponemon Institute, IT and security professionals estimated that 45 percent of their applications are cloud-based. They are now starting to turn their attention to what s happening in those cloud apps. For this report, we analyzed activities and policy violations in the Netskope Active Platform. The top activities were,,,, and upload, and the greatest number of policy violations occurred in cloud storage, customer relationship management/salesforce automation, collaboration, HR, and finance and accounting apps. Policy violations can be defined granularly in the product, so they vary from the of personally-identifiable HR information to mobile devices to content sharing with people outside of a company. Report findings are based on tens of billions of cloud app events seen across millions of users and represent usage trends from April-June 2014. Report Highlights Organizations have 508 apps in use on average 88.4% of these apps are not enterprise-ready There are 3 shares for every 1 upload in cloud storage The top policy violations include,,,, and

Cloud Adoption Climbs in Enterprises Overall, enterprises using the Netskope Active Platform have an average of 508 cloud apps, up from 461 last quarter. 88.4 percent of those apps aren t enterprise-ready, scoring a medium or below in the Netskope Cloud Confidence Index 2, an objective measure of cloud apps security, auditability, and business continuity that has been adapted from the Cloud Security Alliance. Moreover, 73.6 percent of total usage is in such apps. Despite an increase in both number and usage in non enterprise-ready apps, our observation is that IT is becoming more aware of this issue. In a recent survey conducted by the Ponemon Institute, IT and security professionals estimated that 45 percent of their applications are cloud-based. They are now starting to turn their attention to what users are doing in those cloud apps. What are the top apps in the enterprise? # APP NAME CATEGORY # APP NAME CATEGORY 1 Google Drive 11 Evernote Productivity 2 Facebook Social 12 LivePerson Call Center 3 Google Gmail Webmail 13 OneDrive 4 Twitter Social 14 Cisco Webex Collaboration 5 Amazon CloudDrive 15 icloud 6 LinkedIn Social 16 Yammer Social 7 Dropbox 17 Concur Finance/ Accounting 8 Pinterest Consumer 18 Box / Collaboration 9 Microsoft Office 365 Collaboration 19 ServiceNow Infrastructure 10 SalesForce CRM and SFA 20 Constant Contact Marketing

Cloud Adoption Climbs (continued) According to usage seen in the Netskope Active Platform, Google was well represented, with Google Drive and Gmail in two of the top three spots. Like last quarter, storage and social apps dominate the top 20 list and represent 48.8 percent of total usage in Netskope. We define usage as number of distinct app sessions3. Even though the top used cloud apps are mostly social and storage, where things start to get interesting is in app adoption by departments and lines of business for business-critical activities like finance and human resources. The top five categories in terms of apps per enterprise are: marketing, HR, collaboration, storage, and finance/accounting. These are the same top five categories as in last quarter s report, but the big delta is marketing, which increased by 14 apps per enterprise. While marketing is a broad category, we believe this significant and growing figure has to do with the larger trend that Chief Marketing Officers are increasingly spending more of organizations IT budgets to accommodate sophisticated digital marketing campaigns. While not always in the top used apps, cloud marketing apps like Constant Contact, ExactTarget, Marketo, HubSpot, and Hootsuite are ever-present and highly used across a large swath of the business world. As shown below, the percentage of non enterprise-ready apps is even more dramatic in marketing, collaboration, and finance/accounting apps. Five most prevalent categories in Netskope Active Platform 61 98.3% 39 72.7% marketing HR 38 96.6% collaboration 34 82.7% storage 32 97.8% finance/ accounting APPS IN USE PER ENTERPRISE BY CATEGORY PERCENT OF APPS THAT AREN T ENTERPRISE-READY

What Makes Apps Less Enterprise-Ready? What makes some apps less enterprise-ready than others? Key contributors include whether the app enables auditing of user, administrator, and data access activities; offers security features such as support for multi-factor authentication, encryption of data-at-rest, and separation of tenant data in the cloud; and has well-defined business continuity plans and procedures in the case of technology failure or natural disaster. We look at a few of the contributors below alongside other key attributes of cloud apps in our cloud. Cloud App Flaws: Usage 100% 80 % 60% 77.1% 76.0% 72.9% 40% 20% 0% No separation of data in the cloud Apps blocked by perimeter technology 22.9% No support for multi-factor authentication No published disaster recovery plan Cloud App Flaws: Data Uploaded 100% 80% Data at rest not encrypted 23.3% 84.6% 60% 81.3% 72.8% 58.2% 40% 39.2% 20% 0% File-sharing enabled No separation of data in the cloud Apps blocked by perimeter technology No support for multi-factor authentication Cloud App Flaws: Data Downloaded 100% 80 Data at rest not encrypted % 60% 81.3% 63.0% 51.8% 40% 20% 0% Data at rest not encrypted Apps blocked by perimeter technology No separation of data in the cloud 18.6% 18.4% No support for multi-factor authentication No data access audit logs

Sharing Is Alive And Well In Cloud Apps And Not Just In Sharing is alive and well in the Netskope Active Platform. Sharing is an activity most people associate with files and folders in cloud storage apps. In fact, for every one upload in this category, there are more than three shares. However, we found that this activity goes well beyond storage. More than one out of every five apps in our cloud enables sharing, and 49 out of the 55 categories we track also do. Here are the top ten non-storage apps for sharing in Netskope: SOCIAL CRM/SFA & HR PRODUCTIVITY & COLLABORATION FINANCE/ ACCOUNTING Facebook SalesForce Evernote Quickbooks Yammer Workday Trello Concur LinkedIn Zoho Sharing in cloud apps is a sensitive topic for IT and security groups. They are usually responsible for protecting an organization s sensitive data, and yet they lack visibility into the apps running in their environments, which of those apps enable sharing, and whether data are being uploaded to and shared from those apps. Sharing can be very benign or very risky, depending on content and context. It can range from a user sharing pictures from a company picnic to an insider sharing non-public financial results with investors, an engineer sharing top secret product designs with collaborators outside of the company, or an executive inadvertently sharing the company s acquisition plans with an unauthorized party.

Top Cloud App Activities IN THE NETSKOPE ACTIVE PLATFORM The top activities in the Netskope Active Platform include,,,, and upload. Netskope normalizes these activities across apps within categories and even across categories, so whether a user modifies a customer record in a CRM app or s a vendor field in an expense reporting one, both of those are recognized as an. Top cloud app activities in the Netskope Active Platform upload Within the five categories with the highest volume of activity4, the top activities are as follows: Top cloud app activities by cateogry in the Netskope Active Platform storage crm & sfa collaboration consumer collaboration upload post upload

Top Policy Violations IN THE NETSKOPE ACTIVE PLATFORM Beyond measuring usage and activity, we also look at policy violations in the Netskope Active Platform. Customers can define policies very granularly, taking into consideration user, group, location, device, browser, app, instance, category, enterprise-readiness score, DLP profile, activity, and more. While we abstract a normalized set of apps, categories, and activities that constitute a violation, the actual policies can range broadly from blocking the of personally-identifiable information from an HR app to a mobile device, to alerting on users sharing documents in cloud storage apps with anyone outside of the company, to blocking unauthorized users from modifying financial fields in finance/accounting apps. The five cloud app categories with the highest volume of policy violations5 include cloud storage, customer relationship management/salesforce automation, collaboration, HR, and finance and accounting. The top categories for data loss prevention (DLP) violations are cloud storage, webmail, customer relationship management/salesforce automation, social, and infrastructure. The top activities that constituted a policy violation are,,,, and. Below are the top activities that constituted a policy violation per cloud app category. Just as activities can vary between apps, policy violations involving those activities can vary. For example, a policy violation involving ing in a cloud storage app can be the improper ing of a non-public press release, whereas in a CRM and SFA app could signal theft of customer data by a departing employee. Top Cloud App Activities that Constitute Policy Violations in the Netskope Active Platform

Top Policy Violations (Continued) Top Cloud App Policy Violations by Category in the Netskope Active Platform storage crm & sfa collaboration hr finance/accounting terminate Notes 1. Additional details on the Ponemon Institute survey available at this URL: http://www.netskope.com/reports/ponemon-2014-data-breach-cloud-multiplier-effect/ 2. The Netskope Cloud Confidence Index is a database of more than 5,000 cloud apps that are evaluated on 40+ objective enterprise-readiness criteria adapted from the Cloud Security Alliance, including security, auditability, and business continuity. The results of the evaluation are normalized to a 0 100 score and mapped to five levels ranging from poor to excellent. 3. A session is a distinct time period in which a user logs into an app, performs a series of activities, and then ceases to work in the app for a period of time. Existing usage metrics (e.g., HTTP sessions) are often inaccurate because users don t always log out following active usage. Netskope has developed a proprietary heuristic to measure a more accurate period of activity, which we define as a session. Usage is defined as number of discrete sessions. 4. Volume of activity is measured as number of discrete activities such as share,, upload, etc. 5. Volume of policy violations is measured as number of times a defined policy or set of policies are triggered by that combination of parameters being met, e.g., a sales user on a mobile device tries to upload content that matches the PCI DLP profile.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information