More than 4% of enterprises have put their data at risk by sanctioning cloud apps laced with malware, according to research released by cloud security provider Netskope.
The study, which uses anonymised data from millions of users in the global Neskope Active Platform, found 88% of apps used were not enterprise-ready, while almost half (43%) of apps analysed keep data for more than a week after the service has ended, going against the upcoming EU General Data Protection Regulation (GDPR).
This represents another warning sign for businesses to become compliant before the regulations take hold, within two years of the GDPR becoming law in spring of this year. Previous research from Netskope, as this publication has examined, found almost 80% of IT pros were not confident of making the 2018 deadline. Eduard Meelhuysen, VP EMEA at Netskope, wrote at the time: “The GDPR will have significant and wide-ranging consequences for both cloud-consuming organisations and cloud vendors, and security teams will need to make the most of the two-year grace period before penalties for non-compliance come into force.”
Of the 88% of apps analysed which aren’t enterprise secure, the key failing were auditing and certification, service level agreements, vulnerability remediation, and legal, privacy and financial viability. Perhaps not surprisingly, technology and IT services represent the highest number of cloud apps per enterprise on average (794), ahead of healthcare and life sciences (773) and retail, restaurants and hospitality (734).
Netskope warns that employees can be unwittingly spreading malware throughout their company through using unsanctioned cloud storage apps from multiple devices. “More than ever, it’s imperative that organisations have complete visibility into and real-time actionable control over their cloud app usage to better monitor and understand trends and vulnerabilities,” said Sanjay Beri, co-founder and CEO of Netskope.
Elsewhere, Microsoft has eclipsed Google in cloud app usage for the first time in Netskope’s reports, with Outlook and Office 365 OneDrive overtaking Gmail and Google Drive respectively.
Enterprises given another warning over cloud app GDPR compliance