High prevalence of personal health information at risk

The healthcare and life sciences vertical is responsible for 76.2 percent of all cloud data loss prevention (DLP) policy violations among the billions of total app instances tracked by Netskope.

Among the different types of mishandled data within healthcare and life sciences, protected health information (PHI) accounts for an alarmingly high 68.5 percent of violations in cloud apps. PHI includes sensitive data about health status, provision of healthcare, or payment for healthcare that can be linked to a specific individual.


Personally-identifiable information (PII) accounted for an additional 13.7 percent of violations. The technology and IT services vertical had the second-highest proportion of total violations, at 14.2 percent.

Enterprise cloud app usage continues to grow
The report found the average number of cloud apps used per enterprise is 755. 91 percent of these apps are not enterprise-ready, lacking key functionalities like as security, audit and certification, service-level agreement, legal, privacy, financial viability and vulnerability remediation.

Within specific verticals, technology and IT services had by far the highest number of cloud apps in use, averaging at 1,157 apps per enterprise. Healthcare and life sciences had the second-highest total at 1,017 cloud apps.

Although activities like “download” and “share” are typically associated with apps in the cloud storage category, activities related to data leakage and exposure are also prevalent in key app categories like human resources (HR) and business intelligence. “Download” ranks as the fourth most common activity in HR apps and “share” leads as the top activity in business intelligence cloud apps.

“In the wake of a series of high-profile breaches and data loss events, there’s a growing consensus from the board level down that recognizes the need for greater visibility and actionable policies to govern cloud usage and protect sensitive data,” said Sanjay Beri, CEO at Netskope. “By better understanding where and how policy violations commonly occur, enterprises have a detailed picture of cloud app ecosystems and their respective industries to better mitigate risk.”

Netskope identified DLP violations in sensitive content at rest in sanctioned cloud apps and en route to or from a variety of sanctioned and unsanctioned cloud apps. Overall, 9.4 percent of all scanned files in sanctioned cloud apps have triggered a DLP policy violation, down from 17.9 percent in last season’s report.

The dip in violations shows organizations are becoming more proactive about both detecting and protecting sensitive data in the cloud using a combination of e-discovery, encryption and quarantine workflows.