APRIL CLOUD REPORT. Netskope Cloud Report for Europe, Middle East, and Africa



Similar documents
APRIL CLOUD REPORT. Netskope Cloud Report Worldwide

CLOUD REPORT OCTOBER 2014

JANUARY CLOUD REPORT 2015

OCTOBER 2014 CLOUD REPORT

SUMMER 2015 WORLDWIDE EDITION CLOUD REPORT. sensitive data in the cloud

EDITION CLOUD REPORT HEALTHCARE AND LIFE SCIENCES LEAD IN FINDING AND PREVENTING SENSITIVE DATA LOSS

Netskope Cloud Report

Netskope Cloud Report. Report Highlights. cloud report. Three of the top 10 cloud apps are Storage, and enterprises use an average of 26 such apps

SAFELY ENABLING MICROSOFT OFFICE 365: THREE MUST-DO BEST PRACTICES

Repave the Cloud-Data Breach Collision Course

The Netskope Active Platform

2H 2015 SHADOW DATA REPORT

CLOUD ADOPTION & RISK IN FINANCIAL SERVICES REPORT

Cloud Usage: Risks and Opportunities Report. September 2014

How To Read Cloud Adoption And Risk Report From Cloudtrust

CLOUD ADOPTION & RISK REPORT

The Cloud App Visibility Blind Spot

CLOUD ADOPTION & RISK IN GOVERMENT REPORT

OneDrive in Office 365

The Cloud App Visibility Blindspot

Web Protection for Your Business, Customers and Data

Develop your Legal Practice using Cloud applications, but

CLOUD ADOPTION & RISK IN HEALTHCARE REPORT

KEYS TO CLOUD APP SECURITY

Table of Contents CLOUD ADOPTION RISK REPORT INTRODUCTION...2 SENSITIVE DATA IN THE CLOUD...3

OneDrive Using Office Documents

These materials are 2015 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.

Report on App, Platform and Device Preferences from the Leader in Secure Mobility

Assessment & Monitoring

CLOUD SECURITY. Rafal Los. Renee Guttmann. Jason Clark SOLUTION PRIMER. Director, Information Security, Accuvant

THE NEW FRONTIER FOR PROTECTING CORPORATE DATA IN THE CLOUD

IC L05: Security.cloud Configuring DLP on to your flow & Applying security to your Office 365 or Google Apps deployment Hands-On Lab

Securing and Monitoring Access to Office 365

Authored by: Brought to you by. Jim Reavis, President - Reavis Consulting Group Brandon Cook, Director, Product Marketing Skyhigh Networks

Cloud Adoption Practices & Priorities Survey Report

EXECUTIVE BRIEF PON SPON. The Cloud Application Explosion. Published April An Osterman Research Executive Brief. sponsored by.

Cloud Apps and the Modern Professional: The New Business Landscape

Addressing Information Protection, Privacy & Sovereignty Concerns in Cloud Applications

Managing Privileged Identities in the Cloud. How Privileged Identity Management Evolved to a Service Platform

Digital Storage Options MAKING ROOM IN THE CLOUD

SELECTING AN ENTERPRISE-READY CLOUD SERVICE

WHITE PAPER SPON. Do Ex-Employees Still Have Access to Your Corporate Data? Published August 2014 SPONSORED BY. An Osterman Research White Paper

PREVENTIA. Skyhigh Best Practices and Use cases. Table of Contents

INCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN. Albin Penič Technical Team Leader Eastern Europe

Empowering Your Business in the Cloud Without Compromising Security

Office 365 Adoption & Risk Report

Q Published Q3 2015

WHITEPAPER. Identity Access Management: Beyond Convenience

Mimecast Large File Send

CLOUD ADOPTION & RISK IN EUROPE REPORT. Q Published Q3 2015

Google Identity Services for work

Delivery date: 18 October 2014

CLOUD ACCESS SECURITY BROKERS

PaperStream Connect. Setup Guide. Version Copyright Fujitsu

Securing Office 365 with MobileIron

Top Five Security Must-Haves for Office 365. Frank Cabri, Vice President, Marketing Shan Zhou, Senior Director, Security Engineering

Marketing Planner 2012: Social Media Monitoring Tools. The Most Effective Paid Services Explained. December

MICROSOFT OFFICE 365 EXCHANGE ONLINE CLOUD

Privilege Gone Wild: The State of Privileged Account Management in 2015

1. You will have knowledge of all the features of Yosemite and ios 8 that allow employees and business owners to collaborate on their work.

The Top 7 Ways to Protect Your Data in the New World of

Storing Information on the Cloud

Save and Share Files in the Cloud with OneDrive for Business

Active Directory Integration WHITEPAPER

RingCentral for Zendesk. Administrator Guide

Save and share files in the cloud by using OneDrive for Business

Yammer Training Guide Facilitator s Notes

WHITE PAPER AUGUST 2014

Privilege Gone Wild: The State of Privileged Account Management in 2015

FREE REPORT: Answers To The Top 5 Questions Business Owners Have About Cloud Computing

The 5 Steps to Cloud Confidence

Guideline on Access Control

Introducing OneDrive for Business

Introduction to Cloud Storage GOOGLE DRIVE

Cloud App Usage vs Data Privacy Survey:

Bad Ads Trend Alert: Shining a Light on Tech Support Advertising Scams. May TrustInAds.org. Keeping people safe from bad online ads

Samara State University of Telecommunication and Technologies

INTRODUCTION TO CLOUD STORAGE

LEARNING RESOURCE CENTRE. Guide to Microsoft Office Online and One Drive

Quick View. Folder Details

Citrix GoToAssist Service Desk Security

2015 Cloud Security Alliance All Rights Reserved

DocuSign Connect for Salesforce Guide

Working in the Cloud

FREE REPORT: Answers To The Top 5 Questions Business Owners Have About Cloud Computing

WHITE PAPER. PCI Basics: What it Takes to Be Compliant

Policy Outsourcing and Cloud Based File Sharing

Managing the Challenges of the Cloud Under the New EU General Data Protection Regulation

activecho Frequently Asked Questions

Backing up your digital image collection provides it with essential protection.

Microsoft Office 365, BYOD and ipads

Cloud App Security. Tiberio Molino Sales Engineer

8x8 Click2Pop User Guide

OneDrive for Business FAQ s Updated 6/19/14

2012 Bit9 Cyber Security Research Report

Insight Zone. Data Security Executive Interview

Can Cloud Providers Guarantee Data Privacy & Sovereignty?

SecurityMetrics Vision whitepaper

Secure your cloud applications by building solid foundations with enterprise (security ) architecture

Transcription:

APRIL 2015 CLOUD REPORT Netskope Cloud Report for Europe, Middle East, and Africa

REPORT HIGHLIGHTS Organisations have 511 cloud apps in use on average, 87.0 percent of which aren t enterprise-ready More than 15.1 percent of organisations have more than 1,000 cloud apps Globally, 21.6 percent of Salesforce access originates from a login credential stolen in a major breach Globally, 13.6 percent of enterprise users have had their accounts credentials compromised Globally, 70.0 percent of uploads by people with compromised accounts are to apps rated poor in terms of enterprise-readiness In this inaugural edition of the Netskope Cloud Report for Europe, Middle East, and Africa, we ve compiled the most interesting trends on cloud app adoption and usage based on aggregated, anonymized data from the Netskope Active Platform. Report findings are based on usage seen across millions of users in hundreds of accounts in the global Netskope Active Platform, and represent usage trends from January-March 15, 2015. 2

511 CLOUD APPS PER ENTERPRISE In Europe, Middle East, and Africa, the average number of cloud apps in use per oganisation in the Netskope Active Platform is 511 cloud apps. 87.0 percent of those apps aren t enterprise-ready, scoring a medium or below in the Netskope Cloud Confidence Index 1 (CCI), an objective measure of cloud apps security, auditability, and business continuity that has been adapted from the Cloud Security Alliance. Despite many IT professionals acknowledging that shadow IT is alive and well in their organisations, many continue to underestimate its magnitude, predicting about one-tenth of the number of cloud apps that Netskope discovers. More than one-fourth of organisations in the global Netskope cloud have more than 1,000 apps. In EMEA, more than 15.1 percent of organisations in the Netskope cloud have more than 1,000 apps. ORGANIsATIONS HAVE 511 87.0% cloud apps in use on average OF WHICH AREn T enterprise ready More than 15% of organisations have more than 1,000 cloud apps 1 The Netskope Cloud Confidence Index is a database of thousands of cloud apps that are evaluated on 40+ objective enterprise-readiness criteria adapted from the Cloud Security Alliance, including security, auditability, and business continuity. The results of the evaluation are normalized to a 0 100 score and mapped to five levels ranging from poor to excellent. 3

Cloud app usage by category In addition to the consumer and prosumer apps that organisations expect to find in use such as Twitter, Dropbox, and Microsoft OneDrive line-of-business apps are actually the most prevalent in the Netskope cloud in Europe, Middle East, and Africa. Marketing is the most prevalent app category, followed by, Collaboration, Customer Relationship Management and Salesforce Automation, and Productivity. Below are the top 10 categories in terms of number of apps per enterprise. The vast majority of these apps are not enterprise-ready, with more than 90 percent of apps in categories like HR and Finance/Accounting rated a medium or below in the CCI. CATEGORY Marketing Collaboration CRM/SFA Productivity Software Development Finance/Accounting Human Resources Content Management # PER ENTERPRISE 53 37 34 29 24 24 24 23 19 16 % THAT ARE NOT ENTERPRISE READY 99.0% 60.7% 73.7% 85.0% 96.2% 89.3% 90.9% 76.4% 95.8% 96.5% 4

Most-used enterprise cloud apps What are the top-used apps in the global Netskope Active Platform? As in past reports, and apps dominate the top 20. This quarter, and apps represent 32 percent of total use globally, and 27.3 percent of total usage in EMEA. Other categories represented in the top 20 include Webmail, Collaboration, Customer Relationship Management/Salesforce Automation (CRM/SFA), Finance/ Accounting, and Telecom. We define usage as number of distinct app sessions. APP CATEGORY APP CATEGORY 1 Google Drive 11 SmartDraw Productivity 2 Facebook 12 Dropbox 3 Twitter 13 RingCentral Telecom 4 icloud 14 Workday Financial Management Finance/ Accounting 5 Salesforce CRM / SFA 15 Infor Business Process Management 6 Google Plus 16 Box Storage & Collaboration 7 Microsoft OneDrive For Business 17 DocuSign Electronic Signature 8 Microsoft OneDrive 18 Google Hangouts Collaboration 9 LinkedIn 19 IntraLinks Collaboration 10 Google Gmail Webmail 20 SuccessFactors Human Resources A session is a distinct time period in which a user logs into an app, performs a series of activities, and then ceases to work in the app for a period of time. Existing usage metrics (e.g., HTTP sessions) are often inaccurate because users don t always log out following active usage. Netskope has developed a proprietary heuristic to measure a more accurate period of activity, which we define as a session. Usage is defined as number of discrete sessions. 5

COMPROMISED ACCOUNTS In this report, we augment the research on compromised accounts that we introduced in the global January report. In that report, we shared our analysis and estimated that 15 percent of enterprise user accounts had been compromised. Today, we calculate that 13.6 percent of enterprise users in the Netskope Active Platform have had their accounts compromised in a breach (typically outside of their own enterprise). As we pull this data into the Netskope Active Platform, we examine usage data for these compromised accounts. Within accounts that both use Salesforce and have compromised accounts, 21.6 percent of logins to Salesforce were by users whose accounts have been compromised. This is important because many people re-use passwords, or variations of passwords, across multiple accounts. It is important to understand which of those are accessing, and how they re using, your most business-critical cloud apps. We also examined particular activities, such as upload and download, of users with compromised accounts. Seven out of 10 uploads by such users are to cloud apps with a poor rating per the Netskope Cloud Confidence Index, versus three out of 10 for a typical user. Similarly, five out of 10 downloads by such users are from poor apps, also versus three out of 10 for a typical user. Organisations with compromised accounts should pay particular attention to activities within business-critical apps, or ones within those apps ecosystems. 21.6% of Salesforce access is by users who ve had their accounts compromised in a data breach 13.6% 70.0% of enterprise users have had their account credentials compromised of uploads by people with compromised accounts are to apps with a security rating of poor 6

TOP CLOUD App ACTIVITIES Aside from login, the top activities in cloud apps include download, send, view, upload, edit, and share. There was no marked difference in activities across regions, so we did not separate them. Netskope normalizes these activities across apps within categories and even across categories, so whether a user shares a file from a app or a report from a Business Intelligence one, each of those are recognized as a share activity. The activities are listed here from highest to lowest in occurrence: Top Cloud Activities Globally DOWNLOAD SEND VIEW UPLOAD CLOUD STORAGE WEBMAIL FINANCE/ ACCOUNTING SOCIAL CRM/SFA EDIT SHARE CREATE Upload Send Edit Create Invite Share DELETE POST INVITE 7

TOP POLICY VIOLATIONS IN cloud apps Beyond measuring usage and activity, we also look at policy violations within cloud apps. Policies can be enforced based on a number of factors, including user, group, location, device, browser, app, instance, category, enterprise-readiness score, DLP profile, activity, and more. Through data abstraction and normalization of those factors, we re able to discern the apps, categories, and activities surrounding a violation. Policies observed include: blocking the download of personally-identifiable information from an HR app to a mobile device, to alerting when users share documents in apps with someone outside of the company, to blocking unauthorized users from modifying financial fields in Finance/Accounting apps. The five cloud app categories with the highest volume of policy violations include Webmail,,, CRM and SFA, and HR. The top activities that constituted a policy violation are download, upload, share, login, and login attempt. Below are the top activities globally that constituted a policy violation per cloud app category. Just as activities can vary between apps, policy violations involving those activities can vary. For example, a policy violation involving downloading from a app can be the improper downloading of a non-public press release, whereas in a CRM/SFA app could signal theft of customer data by a departing employee. CLOUD STORAGE WEBMAIL FINANCE/ ACCOUNTING SOCIAL CRM/SFA Upload Send Edit Create Invite Share 8

Top Policy Violation Activities and App Categories Top cloud app activities that constitute policy violations Data loss prevention policy violations Data loss prevention policy violations involving the download of data outnumber those involving the upload of it by more than two-to-one, practically the reverse of January s report. The three top categories for DLP policy violations include: Upload Share Attempt Failed CLOUD STORAGE WEBMAIL CRM / SFA 3 DLP top categories for policy violations Delete View Edit Volume of policy violations is measured as number of times a defined policy or set of policies are triggered by that combination of parameters being met, e.g., a sales user on a mobile device tries to upload content that matches the PCI DLP profile. 2015 Netskope, Inc. All rights reserved. Netskope is a registered trademark and Netskope Active, Netskope Discovery, Cloud Confidence Index, and SkopeSights are a trademarks of Netskope, Inc. All other trademarks are trademarks of their respective holders. 04/15 RS-61-1 9

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information