New Netskope Report Shows Compromised Credentials Continue to Haunt Cloud App Usage

  • 13.6 percent of enterprise users have had their account credentials compromised
  • 70 percent of uploads to cloud apps by people with compromised accounts are to apps rated “poor” in terms of enterprise-readiness
  • More than a quarter of organizations have more than 1,000 cloud apps in use

LOS ALTOS, Calif. – April 14, 2015 – Netskope, the leader in safe cloud enablement, today released the April 2015 Netskope Cloud Report™ that monitors enterprise cloud app usage and trends. The report details the continued impact of compromised cloud app credentials to enterprises.

The report found that more than seven out of ten uploads from users with compromised accounts are to apps with a “poor” rating in the Netskope Cloud Confidence Index*. Additionally, 23.6 percent of logins to Customer Relationship Management (CRM) apps come from compromised accounts. Cloud app usage continues to grow across enterprise organizations; the report found that more than 25 percent of organizations in the Netskope Cloud use more than 1,000 apps.

The average number of cloud apps (both sanctioned and unsanctioned) continued to grow: organizations now use an average of 730 cloud apps. This represents a 16 percent increase from the previous quarter. Nine out of every ten apps in use today are not enterprise ready, scoring a “medium” or below in the Netskope Cloud Confidence IndexTM (CCI). Also, according to Netskope’s study, 13.6 percent of app users have had their account credentials compromised.

“While there’s a more common understanding and acceptance of ‘shadow IT’ across organizations, there’s a corresponding rise in the volume of unsanctioned cloud apps in use,” said Sanjay Beri, CEO and founder, Netskope. “This should give IT pause, but it’s not a cause for mass panic. Like it or not, this is the new reality for IT; it’s thus critical that organizations maintain a deep level of visibility and governance over their cloud app infrastructure so they can spot and mitigate a suspicious pattern before it becomes an issue.

Top 10 Most Popular Cloud App Categories

In addition to the consumer and prosumer apps that organizations expect to find in use (such as Twitter, Dropbox, and Evernote) line of business apps are most prevalent within organizations. Marketing remains the most prevalent category; however, nearly all marketing apps rate at a “medium” or below on the CCI. More than 90 percent of apps in categories including Human Resources, Collaboration, and Finance/Accounting also rate at a “medium” or below on the CCI.

Category Number per Enterprise Percent Not Enterprise-Ready
1 Marketing 64 98.5%
2 Collaboration 47 83.1%
3 Finance/Accounting 40 93.2%
4 Human Resources 40 96.6%
5 Productivity 37 96.9%
6 CRM/SFA 35 91.5%
7 Cloud Storage 34 72.6%
8 Software Development 26 90.9%
9 Infrastructure 21 84.4%
10 Social 19 79.9%

Top-Used Apps in Business

As in past reports, Cloud Storage and Social apps dominate the top 20 apps used in business, and comprise nearly a third (32 percent) of total cloud app usage. Based on distinct app sessions, the top used apps reflect all cloud app access points tracked by the Netskope Active Platform**. Other categories represented include Webmail, Collaboration, and Customer Relationship Management/Salesforce Automation (CRM/SFA).

Cloud App Category
1 Facebook Social
2 Google Drive Cloud Storage
3 Google Gmail Webmail
4 Twitter Social
5 iCloud Cloud Storage
6 Google Docs Productivity
7 YouTube Consumer
8 LinkedIn Social
9 Dropbox Cloud Storage
10 Microsoft OneDrive Cloud Storage
11 Salesforce CRM/SFA
12 Cisco WebEx Collaboration
13 Evernote Productivity
14 RingCentral Telecom
15 Okta Security
16 Microsoft Live Webmail
17 Box Storage & Collaboration
18 DocuSign Electronic Signature
19 SuccessFactors Human Resources
20 Microsoft Office 365 Word Productivity

Top Policy Violations

Policies can be enforced based on a number of factors, including user, group, location, device, DLP profile, activity, and more. Policies observed include: blocking the download of personally-identifiable information from an HR app to a mobile device; to alerting when users share documents in Cloud Storage apps with someone outside of the company; to blocking unauthorized users from modifying fields in Financial/Accounting apps. Data loss prevention (DLP) policy violations involving the download of data outnumber those involving the upload of it by more than two to one. The three top categories for DLP policy violations include Cloud Storage, Webmail, and CRM/SFA.

Top Activities Triggering Policy Violation

Netskope Resources

About the Netskope Cloud Report

Based on aggregated, anonymized data from the Netskope Active Platform, which provides discovery, deep visibility, and granular control over any cloud app, the report’s findings are based on millions of users in hundreds of accounts in the global Netskope Active Platform from January – March 2015.

About Netskope

Netskope™ is the leader in safe cloud enablement. Only the Netskope Active PlatformTM provides discovery, deep visibility, and granular control of sanctioned and unsanctioned cloud apps. With Netskope, IT can direct usage, protect sensitive data, and ensure compliance in real-time, on any device, including native apps on mobile devices and whether on-premises or remote, and with the broadest range of deployment options in the market. With Netskope, businesses can move fast, with confidence. Serving a broad customer base including leading healthcare, financial services, high technology, and retail enterprises, Netskope has been named to CIO Magazine’s top 10 cloud security startups and featured in such business media as CBS News, Wall Street Journal, and Forbes. Netskope is headquartered in Los Altos, California. Visit us at and follow us on Twitter @Netskope.


[*] The Netskope Cloud Confidence Index™ is a database of more than 5,000 cloud apps that are evaluated on 40+objective enterprise-readiness criteria adapted from the Cloud Security Alliance, including security, auditability, and business continuity. The results of the evaluation are normalized to a 0−100 score and mapped to five levels ranging from “poor” to “excellent.”

[**] Includes perimeter device (e.g., firewalls, gateways, etc.) log analysis and real-time visibility of campus PC, remote PC, and mobile device (e.g., smartphones, tablets).