Netskope Report: User-Led HR, Marketing, and Collaboration Applications are Most-Used, Despite Pending GDPR

 

Over Ninety Percent of Organizational Cloud Services Not Enterprise-Ready

Netskope, the leader in cloud security, today announced the release of the February 2018 Netskope Cloud Report on enterprise cloud service usage and trends. A key finding of the report was that the HR and marketing categories had the highest number of services per organization, with an average of 139 services and 121 services, respectively. The report also saw growth in the number of cloud services used in the enterprise compared to last quarter, with enterprises deploying an average of 1,181 cloud services. Of the services used, fewer than 8 percent were classified as enterprise-ready.

HR and Marketing Lead the Pack, But Often Under IT’s Radar

Because many HR and marketing apps are often user-led (meaning the organization has little, if any visibility or control over the app) and contain sensitive, personally-identifiable information, when creating policies and access controls to secure data security teams should prioritize HR and collaboration apps. Many of the top HR apps in use, like SuccessFactors and Workday, contain personal data, necessitating DLP (Data Loss Prevention) and access controls to ensure usage of that data remains in compliance. Furthermore, many marketing apps qualify as shadow IT, or unsanctioned apps, containing customer or prospect data that is covered by regulations such as GDPR.

Banking and cryptocurrency-related malware are top-of-mind, but not most common

This quarter, the Netskope Threat Research Labs found that generic types of malware, such as Flash exploits and worms, made up the highest percentage of detections —  41.6 percent —  followed by backdoors, which accounted for 33.6 percent. Cryptocurrency-related malware continues to trend with banking-related malware, appearing on Netskope’s list of commonly detected malware classes with greater prevalence.

Additional malware variants included Microsoft Office macros (8.6 percent), PDF exploits (3.2 percent), ransomware (3.1 percent), Mac malware (2.3 percent), JavaScript malware (1.5 percent), mobile malware (1.1 percent), PowerShell (0.5 percent) and cryptocurrency-related malware (0.4 percent).

“Cloud services have made business units like human resources and marketing more agile and productive, but at the same time the data in those cloud services needs to be safe from loss,” said Sanjay Beri, CEO and founder of Netskope. “With less than a quarter to go until the GDPR becomes reality, businesses must ensure compliant usage of cloud services. This means introducing contextual, activity-level policies, as well as deterring all employees from non-compliant actions such as uploading sensitive data to unsanctioned, user-led cloud services.”

Average Cloud Services Per Enterprise by Category

This quarter, the average number of cloud services per enterprise increased by 1.6 percent to 1,181 cloud services, compared to 1,022 last quarter. The vast majority, 92.7 percent of these services, are not enterprise-ready (NER), earning a rating of “medium” or below in the Netskope Cloud Confidence Index™ (CCI). Non-enterprise ready services can become enterprise-ready through the assistance of fine-grained control via a cloud access security broker (CASB).

HR and marketing services are the most highly used in organizations in terms of average number, followed by collaboration services.

Based on aggregated, anonymized data from the Netskope Active Platform, which provides advanced discovery, granular visibility, and control, and data loss prevention for any cloud service, the report’s findings are based on millions of users in hundreds of accounts globally in the Netskope Active Platform from October 1 through December 31, 2017.

Netskope is the leader in cloud security. Using patented technology, Netskope’s cloud-scale security platform provides context-aware governance of all cloud usage in the enterprise in real time, whether accessed from the corporate network, remote, or from a mobile device. This means that security professionals can understand risky activities, protect sensitive data, stop online threats, and respond to incidents in a way that fits how people work today. With granular security policies, the most advanced cloud DLP, and unmatched breadth of workflows, Netskope is trusted by the largest companies in the world. Netskope — security evolved.

Read More: Qualcomm Announces New Snapdragon 845 Mobile VR Reference Design To Fuel VR Experiences