A guide to Cloud App Acceptance in the Enterprise

For some reason, the mere thought of the cloud in business can cause anxiety for the IT department. But working in the cloud should engender delight, not despair. Over the next few days, I’ll be posting a series of blogs to help you look at where you stand with cloud apps right now, and walk through the stages of acknowledging, appreciating and accepting the use of cloud apps within your workplace, examining the various stages of ‘app acceptance’ that many organizations grapple with:

• Denial (what cloud apps, where?)
• Anger (will you please stop uploading sensitive data!)
• Depression (I’ll never manage all these apps, I can’t go on)
• Acceptance (These cloud apps are actually great for business!)

Netskope did some research with IT decision makers across medium and large enterprises into the current state of cloud app use and I’ll be referencing the findings throughout the guide.  This will hopefully show you that – when it comes to app acceptance – you are by no means on your own. There’s something in here to help every company, regardless of your current stance towards cloud apps.

As such, each blog post concludes with a few practical steps that you can take in order to reach app acceptance nirvana.

So if everyone is sitting comfortably, we’ll begin…

Stage 1: Denial

The ‘ignore it and hope it goes away’ mentality isn’t something to be ashamed of, and actually was a very common response revealed in our research – 18% of IT decision makers within medium and large businesses said they knew for a fact employees did not use any cloud apps within the organisation. In addition, almost half of the respondents to our study (42%) believed employees used cloud apps, but they were all sanctioned by IT.

The reality is that cloud apps are being used within organizations today. The February 2016 Netskope Cloud Report revealed that within an average organization, there are more than 900 cloud apps in use, over 85% of which are not enterprise-ready and lack key functionalities such as security, audit and certification, service-level agreement, legal, privacy, financial viability and vulnerability remediation. We recently ran an audit with a large financial services company in Europe who genuinely believed they had zero cloud apps in use. The audit revealed more than 1,200!

So what are they doing?

Despite 13% of our survey respondents stating that cloud apps brought no benefits to the business, it seems the business thinks otherwise!

Among the top categories of cloud apps in use within the enterprise, including those not enterprise-ready, marketing had the highest total. While some marketing apps do not hold sensitive data, many do contain personally identifiable information about users, their web usage and their buying preferences. The table below shows the key business functions of apps within the enterprise and can make for surprising reading…

Cloud apps such as Salesforce are being used to crunch terabytes of data in order to analyze information to make better business decisions. Dropbox is used by employees regularly to save large presentations, take work home or send documents to a third party. HR apps are used for talent management, the review process, and payroll, and all this means a lot of sensitive data are being kept in the cloud. It’s the same with the Finance function; cloud apps are used to optimize payments, control the close process and manage subscription renewal.

Can you say, hand on heart, you know exactly what apps each department in your organization is using? With subscription services only a credit card number away, it’s very possible these apps are “Shadow IT” – being brought into the workplace by individuals.  

Employees may not even be aware that they are endangering corporate data. Just consider MyPCBackup, one of the most popular backup solutions for Android devices. Seemingly useful, this automatic backup app can actually be extremely dangerous when used by any employee with access to sensitive data. If staff access company files on a device with MyPCBackup, they may not even realize that a copy is automatically uploaded to the cloud, leaving that data stored outside of IT’s control in a location where no one even knows to look for it!