Compromised credentials in enterprise cloud apps

A new Netskope report shows a continued increase in cloud app usage across enterprises, as well as the high volume at which files are being shared outside of a given organization.

Most notably, as many as 15 percent of business users have had their credentials compromised. Since up to half of users re-use passwords for multiple accounts, the likelihood of users logging into business-critical apps with these credentials is high, putting business-sensitive data at risk.

Enterprises are continuing to adopt cloud apps at a fast pace, with an average of 613 cloud apps per organization in Q4, up from 579 the previous quarter. The report’s findings are based on tens of billions of cloud app events seen across millions of users between October and December 2014.

The report found more than 20 percent of organizations in the Netskope cloud actively use more than 1,000 cloud apps, and eight percent of files in corporate-sanctioned cloud storage apps are in violation of DLP policies, including PHI, PCI, PII, source code, and other policies covering confidential or sensitive data.

Due to a significant increase in data breaches and leaks from a host of major corporations, websites, and cloud apps, a growing number of users log into business apps using compromised credentials that have been stolen as part of a data hack or exposure.

As many as 15 percent of users have had their credentials compromised in a prior data exposure, and many of those users re-use passwords even to log into apps that contain business-sensitive information.