Netskope Report Reveals Bulk of Cloud Services Still Not GDPR-Ready

Netskope
Sept. 18, 2017 Los Altos, Calif.

Netskope, the leader in cloud security, today announced the release of the September 2017 Netskope Cloud Report™ on enterprise cloud service usage and trends. With the compliance deadline for the European Union General Data Protection Regulation (GDPR) fast approaching in May 2018, this quarter’s report took a close look at GDPR readiness among enterprise cloud services, finding little change in level of preparedness compared with levels previously reported. Nearly three-quarters of cloud services still lack key capabilities to ensure compliance.

Data suggests enterprise standardization in cloud adoption

In this report, Netskope observed a slight dip in the average amount of cloud services in use per enterprise, signaling that enterprises may be standardizing on cloud services and coaching users away from unsanctioned and shadow IT-related apps. The average enterprise has deployed 1,022 cloud services, down slightly from last quarter’s average of 1,053. Of those of cloud services in use, only 24.6 percent received a GDPR-readiness rating of “high”, based on attributes like location of where data are stored, level of encryption and data processing agreement specifics.

Threat landscape continues to evolve: Bitcoin malware a new finding

When examining threats putting secure enterprise data at risk on a daily basis, the Netskope Threat Research Labs found backdoors were the most frequent threat across enterprise environments, accounting for 27.4 percent of all detections. This is followed by ransomware at 8.6 percent, adware at 8.1 percent, JavaScript at 7.2 percent, Mac malware at 7.2 percent, Microsoft Office macros at 5.9 percent, and PDF exploits at 2.7 percent.

This quarter’s report also took a look at Bitcoin or cryptocurrency-related malware for the first time, finding that it accounted for .9 percent of all threats, many of which are hosted in IaaS environments like Amazon Web Services. In addition, “high severity” threats made up 86.9 percent of all threats, up from 69 percent last quarter, and 23.8 percent of malware-infected files were shared with others, including internal or external users, or even shared publicly. 

Collaboration apps show no signs of slowing down

With half of the top 20 list consisting of cloud storage or collaboration services, organizations should keep an eye on data flowing in and out of these services. Many cloud storage and collaboration services connect to other cloud services (for example, cloud storage connecting to Salesforce or DocuSign), and a comprehensive cloud security program should take into account what controls to place in cloud service-to-cloud service communications and processing.

“Cloud adoption is an inevitability and has enormous business value for enterprises across all geographies and verticals. It also introduces a new set of complex security challenges in the enterprise, with regulations like the GDPR one of the more complex challenges,” said Sanjay Beri, CEO and founder of Netskope. “On the eve of the compliance deadline, complete visibility into and real-time control over cloud usage and activity in a centralized, consistent way that works across all cloud services is paramount for organizations to understand how they use and protect their customers’ personal data and, consequently, comply with the GDPR.”

Average Cloud Services Per Enterprise by Category

This quarter, the average amount of cloud services per enterprise decreased 2.9 percent to 1,022 cloud services, compared to 1,053 last quarter. For the second quarter running, manufacturing led the way with the highest average amount of cloud services used with 1,370, followed by healthcare and life sciences with 1,340. Financial services, banking, and insurance came in third with 1,175 and retail, restaurants, and hospitality fourth with 976. Technology and IT services dropped to 772 this quarter.

WIth regard to specific cloud services, HR services are the most popular– and most likely to house sensitive and personal data as defined by the GDPR. Collaboration apps saw a jump: the average enterprise has 85 collaboration apps in use, up from 71 last quarter. By contrast, the average number of productivity apps in use actually went down, signaling a shift in the way enterprise employees are getting things done — favoring collaboration and communication over traditional productivity trackers.

Service Category Average # cloud services %NER
HR 109 95%
Marketing 102 98%
Collaboration 85 84%
Finance/Accounting 59 94%
CRM 50 93%
Software development 32 75%
Productivity 33 75%
Social 24 89%
Cloud storage 24 67%
IT Service/Application Management 22 96%

Resources:

  • Download the Netskope Cloud Report for more detailed analysis and to see the full list of the most widely used cloud services by enterprises.
  • Learn more about how to gain visibility into enterprise cloud services and how to ensure they are secure and compliant.
  • Visit the Netskope Hub for the latest commentary and insight on trends from the Netskope team.

About the Netskope Cloud Report

Based on aggregated, anonymized data from the Netskope Active Platform, which provides advanced discovery, granular visibility, and control, and data loss prevention for any cloud service, the report’s findings are based on millions of users in hundreds of accounts globally in the Netskope Active Platform from April 1 through June 30, 2017.

About Netskope

Netskope is the leader in cloud security. Using patented technology, Netskope’s cloud-scale security platform provides context-aware governance of all cloud usage in the enterprise in real-time, whether accessed from the corporate network, remote, or from a mobile device. This means that security professionals can understand risky activities, protect sensitive data, stop online threats, and respond to incidents in a way that fits how people work today. With granular security policies, the most advanced cloud DLP, and unmatched breadth of workflows, Netskope is trusted by the largest companies in the world. Netskope — security evolved. To learn more, visit our website.