Quarterly report on enterprise cloud app usage also sees more than half of malware-infected files in cloud apps shared with others
London, UK. Netskope, the leader in cloud security, announced the release of the September 2016 Netskope Cloud Report™ on enterprise cloud app usage and trends. In response to the growing threat of ransomware across enterprises, the report took a closer look at the prevalence of ransomware and how it spreads through cloud apps within an organisation. According to the report, 43.7 per cent of malware found in enterprises cloud apps have delivered ransomware, and 55.9 per cent of malware-infected files found in cloud apps are shared publicly. The report also found that enterprises, on average, have 824 cloud apps in use, up from 777 last quarter.
Ransomware Emerges as One of the Most Prevalent Forms of Malware
For the third quarter running, Netskope Threat Research Labs examined the presence of malware in enterprises, finding that there are on average 26 pieces of malware found in cloud apps across a given organisation. 56 per cent of malware-infected files in cloud apps are shared with internal or external users, or shared publicly.
Of the malware types detected, 43.7 per cent are common ransomware delivery vehicles, including Javascript exploits and droppers, Microsoft Office macros and PDF exploits. These ransomware attacks are often initially delivered through phishing and email attacks, but within cloud environments, infected and encrypted files can quickly spread to other users through cloud app sync and share functionality in what is known as the fan-out effect.
Additional Findings
- Microsoft Beats Out Google, Facebook as Most Popular Cloud App
Among the top 20 most used apps, Microsoft continues to lead Google, with Office 365 Outlook.com and OneDrive for Business beating out their counterparts from other vendors in session volume. Microsoft productivity apps are the number one and two most popular apps, unseating Facebook from its spot at No. 1 for the first time. This shows that Microsoft Office 365 adoption remains strong among enterprises.
- Slack Cracks the Top 20 Amid Increasing Enterprise Popularity
Supporting the notion that enterprises are eagerly adopting new collaboration tools, Slack has entered the top 20 most popular apps for the first time. Security teams will need to prioritise this trend and pay close attention to sensitive information being shared within collaboration apps, and prioritise visibility into and control over the apps with which Slack is integrated and sharing data.
- Cloud Storage Apps Responsible for Vast Majority of Cloud Data Loss Prevention (DLP) Violations
Cloud storage apps dominate cloud DLP violations accounting for 76.5 per cent of all violations, followed by webmail at 18.6 per cent. Within cloud storage apps, manufacturing-focussed enterprises had the largest percentage of DLP violating files, at 24 per cent of all files scanned, followed by Technology and IT Services at 15 per cent and Healthcare and Life Sciences at 11 per cent.
“Our priority has always been giving IT teams the tools they need to not only have visibility into employee app usage and activity, but also understand and take action against the ways sensitive information can be shared or make its way into the wrong hands,” said Sanjay Beri, founder and CEO, Netskope. “With the rise of ransomware, the cloud threat landscape is now increasingly complicated; IT teams need deeper intelligence, protection, and remediation that can help them stop malware and ransomware in their tracks and prevent them from spreading.”
Enterprise Cloud App Usage Continues to Rise: Breakdown of Cloud Apps By Industry
Netskope found that enterprises, on average, have 824 cloud apps in use — up from 777 last quarter. 94.7 per cent of those apps are not considered “enterprise-ready” according to the Netskope Cloud Confidence Index™ scoring system, meaning they lack key functionalities such as security, audit and certification, service-level agreement, legal, privacy, financial viability, and vulnerability remediation.
Technology and IT Services organisations had the highest number of cloud apps in use, averaging 855 per organisation. This was followed by Healthcare and Life Sciences, which had 836 cloud apps in use per organisation.
|
Industry Group |
Number of Cloud Apps Per Enterprise |
|
|
1 |
Technology and IT Services | 855 |
|
2 |
Healthcare and Life Sciences |
836 |
|
3 |
Retail, Restaurants, and Hospitality |
787 |
|
4 |
Financial Services, Banking, and Insurance |
714 |
| 5 | Manufacturing |
698 |
Average Cloud Apps Per Enterprise by App Category
Apps in the Marketing and Collaboration categories had the highest number of cloud apps per enterprise. Despite the growing popularity of productivity and collaboration apps like Slack, the vast majority are still not enterprise-ready. IT should be mindful of not only which apps its teams are using, but the types of activities and information being shared within those apps.
|
Category |
Average # of Apps Per Enterprise | Percentage of Apps Not Enterprise-Ready |
|
Marketing |
75 |
98% |
|
Collaboration |
66 | 91% |
|
Productivity |
63 |
99% |
|
Finance/Accounting |
57 |
96% |
|
Human Resources |
52 |
96% |
|
CRM and SFA |
37 |
94% |
|
Social |
29 |
92% |
|
Software Development |
28 |
96% |
|
IT/Application Management |
28 |
96% |
| Cloud Storage |
27 |
77% |
Netskope Resources
- Downloadthe Netskope Cloud Report for more detailed analysis and to see the full list of the most widely used cloud apps by enterprises
- Learn more about how to gain visibility into enterprise cloud apps and how to ensure they are secure and compliant
- Visit the Netskope Hub for the latest commentary and insight on trends from the Netskope team
About the Netskope Cloud Report
Based on aggregated, anonymised data from the Netskope Active Platform, which provides discovery, surgical visibility and control over any cloud app, the report’s findings are based on millions of users in hundreds of accounts in the global Netskope Active Platform from April 1 through June 30, 2016.
[short_info id=’60853′]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.