New Netskope Report Reveals 90 Percent of Data Loss Prevention Violations Occur in Cloud Storage Apps

Netskope
June 9, 2015 Los Altos, Calif.
  • 17.9 percent of files in enterprise-sanctioned cloud apps constitute a data policy violation, with one in five of those files shared publicly
  • Average number of cloud apps used per enterprise declines for the first time as consolidation efforts from IT begin to take hold
  • 92 percent of apps used are not enterprise-ready
  • Microsoft Office 365 enterprise adoption surges

Netskope, the leader in safe cloud enablement, today released its Summer 2015 Netskope Cloud Report™, which provides a look into enterprise cloud app usage and trends. The report was highlighted by the finding that 90 percent of data loss prevention (DLP) violations occur in cloud storage apps, and a large percentage of these are for enterprise confidential intellectual property or customer or regulated data that the customer did not know or want to store there.

According to the report, 17.9 percent of all files in enterprise-sanctioned cloud apps violate at least one DLP policy. Of those DLP-violating files, one in five are exposed publicly. Among the different types of mishandled sensitive content, the highest incidence of DLP policy violations occurred with personally identifiable information (PII) at 26.8 percent, while payment card information (PCI) represented the second highest at 24.3 percent.

Of note, the report also found the average number of apps used by enterprises has declined for the first time, from 730 in the last quarterly report to 715 in the Summer 2015 report. The underlying suggests that enterprises are beginning to consolidate apps, especially those in the marketing, collaboration and productivity categories. There was no corresponding increase in apps being enterprise ready; a whopping 92 percent of the apps — all tracked in the Netskope Cloud Confidence Index (CCI) — are not rated enterprise ready, meaning they lack the security, audit and certification, service-level agreement (SLA), legal, and vulnerability capabilities required for safe cloud enablement.

“With so many cloud apps in the enterprise lacking the capabilities required for safe enablement, it is imperative that IT possess a holistic view of cloud app usage to inform proactive policies that reduce the risk of losing sensitive data,” said Sanjay Beri, CEO and founder at Netskope. “More than just knowing where violations occur, it’s important to know how they are occurring and what steps can be taken to mitigate such behaviors. While awareness is growing, it’s clear that there’s still a long road ahead to ensuring safer enterprise cloud app usage.”

Breakdown of DLP Policy Violation Occurrences

Enterprises discover and inspect cloud content against a number of predefined and custom profiles in the areas of personally identifiable information (PII), payment card information (PCI), personal health information (PHI), source code, profanity and confidential or top secret information. Using the Netskope Active Platform, Netskope identified violations by discovering content at rest in sanctioned cloud apps via those apps’ published application program interfaces (APIs) as well as by inspecting content in-line in real-time via the Netskope Active Platform per enterprises’ DLP policies. Below is a chart illustrating the breakdown of DLP policy violation categories and the percent by which each occurs:

Category Percent DLP Policy Violations
1 Personally-Identifiable Information (PII) 27%
2 Payment Card Information (PCI) 24%
3 Confidential or Top Secret Document 17%
4 Source Code 16%
5 Personal Health Information (PHI) 12%
6 Profanity 4%


Top Policy Violations in the Netskope Active Platform

The five cloud app categories with the highest volume of policy violations1 are Cloud Storage, Webmail, Finance/Accounting, Social, and CRM and SFA. The top activities that constituted a policy violation–from highest to lowest in occurrence–are login, download, send, view and upload.

Cloud Storage Webmail Finance/Accounting Social CRM/SFA
Download Send Edit Post Share
Login Post Login Login Post
Upload Download Create Invite Login

Netskope Resources

About the Netskope Cloud Report

Based on aggregated, anonymized data from the Netskope Active Platform, which provides discovery, deep visibility, and granular control over any cloud app, the report’s findings are based on millions of users in hundreds of accounts in the global Netskope Active Platform from March 15 – May 31, 2015.

About Netskope

Netskope™ is the leader in safe cloud enablement. Only the Netskope Active PlatformTM provides discovery, deep visibility, and granular control of sanctioned and unsanctioned cloud apps. With Netskope, IT can direct usage, protect sensitive data, and ensure compliance in real-time, on any device, including native apps on mobile devices and whether on-premises or remote, and with the broadest range of deployment options in the market. With Netskope, businesses can move fast, with confidence. Serving a broad customer base including leading healthcare, financial services, high technology, and retail enterprises, Netskope has been named to CIO Magazine’s top 10 cloud security startups and featured in such business media as CBS News, Wall Street Journal, and Forbes. Netskope is headquartered in Los Altos, California. Visit us at www.netskope.com and follow us on Twitter @Netskope.

###

[1] Volume of policy violations is measured as number of times a defined policy or set of policies are triggered by that combination of parameters being met, e.g., a sales user on a mobile device tries to upload content that matches the PCI DLP profile.