Following on from the news that researchers have uncovered a sinister side effect to a free app which over one million Google Chrome users have downloaded, and which potentially leaks their personal information back to a single IP address in the USA. Here to comment on this news is the security expert Eduard Meelhuysen, VP and managing director, EMEA, at Netskope.
Eduard Meelhuysen, VP and managing director, EMEA, at Netskope:
“Cloud app ecosystems pose a serious threat to enterprise security because they’re often something of a blind spot for IT. Although apps sanctioned by IT are normally secure, unsanctioned subsidiary or ‘ecosystem’ apps are creeping into the enterprise on the back of these sanctioned ‘anchor’ apps. IT doesn’t have the chance to vet these apps as they would the anchor app. This means they aren’t subject to the same security checks and therefore can pose a risk, as in the case of this Chrome extension.
Ecosystem apps are very prevalent in the enterprise. In fact Netskope research released last month found there are precious few apps that are completely unconnected from these ecosystems. 35.1 percent of all enterprise app sessions occur across four main app ecosystems in and around Box, Dropbox, Google Apps, and Salesforce. Of these, 59.3 percent are not taking place in the “anchor” apps at all, but in the ecosystem around them, a potentially insecure environment. This substantial level of ecosystem activity shows there is significant opportunity for data to be transferred to insecure apps and therefore a serious risk of data being compromised.”
Netskope™ is the leader in safe cloud enablement. Only the Netskope Active PlatformTM provides discovery, deep visibility, and granular control of sanctioned and unsanctioned cloud apps. With Netskope, IT can direct usage, protect sensitive data, and ensure compliance in real-time, on any device, and with the broadest range of deployment options in the market. With Netskope, businesses can move fast, with confidence.