European organisations have an average of 511 cloud apps; an average which rises to 730 at a global level
- Compromised credentials continue to haunt cloud app usage: 13.6 percent of enterprise users have had their log-in details compromised
- 70 percent of uploads to cloud apps by people with compromised accounts are to apps rated “poor” in terms of enterprise-readiness
Netskope, the leader in safe cloud enablement, today released the April 2015 Netskope Cloud Report™ which revealed that cloud app usage continues to grow across enterprise organisations with 15.1 percent of European organisations now using over 1,000 cloud apps.
At a global level, more than 25 percent of organisations in the Netskope Cloud now use more than 1,000 apps and the average number of cloud apps (both sanctioned and unsanctioned) in use now stands at 730 – a 16 percent increase from the previous quarter. The April 2015 Netskope Cloud Report separates out European data for the first time, with an average of 511 cloud apps in use within European firms. At both a global and European level, nine out of every ten apps in use today are not enterprise ready, scoring a “medium” or below in the Netskope Cloud Confidence IndexTM (CCI).
The Netskope Cloud Report monitors enterprise cloud app usage and trends, and this edition also highlights the continued impact of compromised cloud app credentials on enterprises globally. According to the report:
- 13.6 percent of app users have had their log-in details compromised
- more than seven out of ten uploads from users with compromised accounts are to apps with a “poor” rating in the Netskope Cloud Confidence Index
- 23.6% of access to cloud CRM apps is by users who have had their accounts compromised in a data breach
“While there’s a more common understanding and acceptance of ‘shadow IT’ across organisations, there’s a corresponding rise in the volume of unsanctioned cloud apps in use,” said Sanjay Beri, CEO and founder, Netskope. “This should make IT teams stop and think, but it’s not a cause for mass panic. Like it or not, this is the new reality for IT; it’s thus critical that organisations maintain a deep level of visibility and governance over their cloud app infrastructure so they can spot and mitigate a suspicious pattern before it becomes an issue.”
Top 10 most popular cloud app categories
In addition to the consumer and prosumer apps that organisations expect to find in use (such as Twitter, Dropbox, and Evernote) line of business apps are most prevalent within organisations. Marketing remains the most prevalent category; however, nearly all marketing apps rate at a “medium” or below on the CCI. More than 90 percent of apps in categories including Human Resources, Productivity, Content Management and Finance/Accounting also rate at a “medium” or below on the CCI.
| Category | Number per Enterprise | Percent Not Enterprise-Ready | |
| 1 | Marketing | 53 | 99.0% |
| 2 | Cloud Storage | 37 | 60.7% |
| 3 | Collaboration | 34 | 73.7% |
| 4 | CRM/SFA | 29 | 85.0% |
| 5 | Productivity | 24 | 96.2% |
| 6 | Software Development | 24 | 89.3% |
| 7 | Finance/Accounting | 24 | 90.9% |
| 8 | Social | 23 | 76.4% |
| 9 | Human Resources | 19 | 95.8% |
| 10 | Content Management | 16 | 96.5% |
Top-used apps in business
As in past reports, Cloud Storage and Social apps dominate the top 20 apps used in business across Europe, and comprise nearly a third (32 percent) of total cloud app usage. Based on distinct app sessions, the top used apps reflect all cloud app access points tracked by the Netskope Active Platform[1]. Other categories represented include Webmail, Collaboration, and Customer Relationship Management/Salesforce Automation (CRM/SFA).
| Cloud App | Category | |
| 1 | Google Drive | Cloud Storage |
| 2 | Social | |
| 3 | Social | |
| 4 | iCloud | Cloud Storage |
| 5 | Salesforce | CRM/SFA |
| 6 | Google Plus | Social |
| 7 | Microsoft OneDrive For Business | Cloud Storage |
| 8 | Microsoft OneDrive | Cloud Storage |
| 9 | Social | |
| 10 | Google Gmail | Webmail |
| 11 | SmartDraw | Productivity |
| 12 | Dropbox | Cloud Storage |
| 13 | RingCentral | Telecom |
| 14 | Workday Financial Management | Finance/Accounting |
| 15 | Infor | Business Process Management |
| 16 | Box | Storage and Collaboration |
| 17 | DocuSign | Electronic Signature |
| 18 | Google Hangouts | Collaboration |
| 19 | IntraLinks | Collaboration |
| 20 | SuccessFactors | Human Resources |
Top policy violations
Policies can be enforced based on a number of factors, including user, group, location, device, DLP profile, activity, and more. Policies observed include: blocking the download of personally-identifiable information from an HR app to a mobile device; to alerting when users share documents in Cloud Storage apps with someone outside of the company; to blocking unauthorised users from modifying fields in Financial/Accounting apps. Data loss prevention (DLP) policy violations involving the download of data outnumber those involving the upload of it by more than two to one. The three top categories for DLP policy violations include Cloud Storage, Webmail, and CRM/SFA.
Top Activities Triggering Policy Violation
- Download
- Upload
- Share
- Login
- Delete
To download the Netskope Cloud Reort, please click here.
About the Netskope Cloud Report
Based on aggregated, anonymised data from the Netskope Active Platform, which provides discovery, deep visibility, and granular control over any cloud app, the report’s findings are based on millions of users in hundreds of accounts in the global Netskope Active Platform from January – March 2015.
About Netskope
Netskope™ is the leader in safe cloud enablement. Only the Netskope Active PlatformTM provides discovery, deep visibility, and granular control of sanctioned and unsanctioned cloud apps. With Netskope, IT can direct usage, protect sensitive data, and ensure compliance in real-time, on any device, including native apps on mobile devices and whether on-premises or remote, and with the broadest range of deployment options in the market. With Netskope, businesses can move fast, with confidence. Serving a broad customer base including leading healthcare, financial services, high technology, and retail enterprises, Netskope has been named to CIO Magazine’s top 10 cloud security startups and featured in such business media as CBS News, Wall Street Journal, and Forbes. Netskope is headquartered in Los Altos, California. Visit us at www.netskope.com and follow us on Twitter @Netskope.
[1] Includes perimeter device (e.g., firewalls, gateways, etc.) log analysis and real-time visibility of campus PC, remote PC, and mobile device (e.g., smartphones, tablets).
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.