At Netskope, one of our product offerings is Netskope Discovery, a low-commitment way to get a bird’s-eye view of your cloud usage and quantify your risk. Despite its ease of implementation, it gives you powerful views and the ability to run queries that answer questions like: “Do I have a lot of ‘shared user’ accounts?”, “Do my cloud apps comply with the regulations and standards I need them to?”, and “Are users bypassing my perimeter controls by installing and using native clients?”
Here are three common findings that our customers routinely uncover using Netskope Discovery, and that you need to consider:
- Unsanctioned file sharing. There is a plethora of cloud storage and sync-and-share apps out there. Netskope Discovery routinely discovers many such apps being used in an enterprise. According to the Netskope Cloud Report, enterprises have 31 such apps, on average. As IT departments try to standardize on one or a few sanctioned apps, they want to know what their users prefer. By analyzing what applications their users are currently using and how they’re using them, they can take employees’ pulse, which will help them make a smarter choice. One surprise that we have helped our customers discover is the number of native apps installed on employee devices. One of our customers recently found that a large swath of its employee base was using the native Dropbox client. Because they didn’t have the ability to monitor this traffic using traditional perimeter controls, they didn’t even know Dropbox was being used in their company. We also frequently uncover a large number (often dozens) of high-risk, very low-quality file sharing services, some of them in questionable countries. Although these are typically “long tail” and don’t account for the majority of usage in the enterprise, they present high risk because there’s no visibility into what’s being shared and with whom.
- Compliance with PCI, PHI, and SOC standards is quite a demanding task. Netskope, a SOC-1 and SOC-2 Type 1 and 2 certified vendor, routinely subjects itself to compliance audits, and I can tell from personal experience these auditors are tough. They are out there to find any evidence of compliance violations – after all, they sign the report and vouch for our compliance! One routinely discovered violation is the use of shared accounts. With Netsk