Cloud application usage in organizations continues to grow, already growing by 35% since the beginning of 2022, with an average of 500 to 2,000 users uploading, creating, sharing, and storing data in 138 different applications and using an average of 1,558 different clouds. programs every month.
That’s according to Security Service Edge (SSE) and Zero Trust specialist Netscope, which has released a new study detailing the proliferation of cloud applications used by businesses worldwide.
The ‘Netskope Cloud and Threat Report: Cloud Data Sprawl’ found that more than one in five users (22%) use Gmail, WhatsApp, Google Drive, Facebook and WeTransfer to upload, create, share and store data in private applications and private instances . , and LinkedIn ranked as the most popular personal apps and instances.
A private app like WhatsApp is an app that only sees private usage from a private account. A personal instance is a personal account for an application managed by an organization. For example, someone’s personal Gmail account in an organization that uses Google Workspaces is an example of a person.
In addition, the report highlights the continued trend of insider risk, with one in five users (20%) placing unusually large amounts of data in such private locations in the 30 days prior to leaving an organization, an increase of 33% year-over-year. the same period last year.
Ray Canzanese, director of threat research at Netskope Threat Labs, said: “While cloud applications have helped increase productivity and enable hybrid workloads, they are also increasing the proliferation of data that puts sensitive data at risk.
“Personal applications and instances are of particular interest because users can access data stored in those instances even after they leave the organization. Proactive security measures, particularly policy controls that limit access to sensitive data to only authorized users and devices and prevent sensitive data from being uploaded to private applications and private instances, can help reduce the risk of sensitive data loss and exposure.”
Additional key findings from the report include:
- Private application adoption is lowest in financial services and highest in retail: The financial services industry is the most successful in restricting data flow to private applications and instances, with less than one in 10 users (9.6%) doing so, compared to nearly four. 10 (39.1%) of users in the retail industry upload data to personal applications and instances.
- More users than ever are uploading, creating, sharing, and storing data in the cloud: Cloud Storage, Collaboration, and Webmail applications are among the top categories of cloud applications used by organizations.
- Organizations use many applications with overlapping functions: An organization with 500–2,000 users uses an average of four webmail applications, seven Cloud Storage applications, and 17 collaboration applications among the 138 applications that host, create, share, and store data. This overlap can lead to security issues such as misconfigurations, policy discrepancies, and access policy inconsistencies.
“Organizations are often surprised by how many overlapping applications they are using. Gaining this visibility is an important step in curbing cloud proliferation and reducing the risk to sensitive data. Once you know how data is being accessed, you can begin implementing policies to reduce data risk without compromising productivity. Information Security status and productivity are not necessarily mutually beneficial,” Canzanese concluded.
Netskope Cloud and Threat Spotlight are produced by Netskope Threat Labs, a team of industry-leading cloud threat and malware researchers who identify and analyze the latest cloud threats affecting enterprises. The survey results are based on anonymized usage data from 1 January to 31 May 2022 and from Netskope customers with prior consent.