As more and more organizations adopt cloud platforms, new shadow IT risk vectors are coming into play in the form of connected third-party apps, according to CloudLock CyberLab’s analysis across 10 million users, 1 billion files, and nearly 160,000 unique applications.
These apps (and by extension, their vendors) are authorized using corporate credentials, have API access to corporate data on multiple SaaS platforms via OAuth connections, and can act on behalf of users to access, delete, store, externalize and exfiltrate data.
30x increase in connected apps
The shadow IT dilemma is only becoming more challenging as usage is increasing exponentially year over year. From 2014 to 2016, we’ve seen nearly a 30x increase in apps from 5,500 to nearly 160,000. Each application instance represents a backdoor through which hackers can infiltrate and externalize sensitive corporate assets.
27% of apps connected to corporate environments are high risk
Measuring risk by a combination of access scopes, community-sourced ratings, and expert-driven analytics, the CloudLock CyberLab found that 27% of third-party apps are classified as high risk through which cybercriminals could gain programmatic access to corporate platforms impersonating end users.
More than half of apps are banned due to security-related concerns
An organization may embrace its employees’ ‘shadow’ exploration of innovative technology solutions and sanction a subset of these apps as Productivity IT, but it’s essential to closely monitor the connected third-party apps and identify cloud native malware in real time.
Security conscious enterprises recognize the high risk associated with connected third-party apps and take immediate action. While apps can be banned for any number of reasons, including concerns around productivity, a clear majority are banned because of the security vulnerabilities they introduce.
Reduce cloud app risk by establishing an acceptable use policy
By enacting a high-level strategy, coupled with an Acceptable Application Use Policy, organizations can significantly reduce the application risk level organization-wide. Automating whitelisting or banning of potentially risky applications is an effective strategy.
“The shift to the cloud creates a new, virtual security perimeter that includes third-party apps granted access to corporate systems,” says CloudLock Director of Customer Insights and Analytics Ayse Kaya Firat. “Today, most employees leverage a wide variety of apps to get their jobs done efficiently, unwittingly exposing corporate data and systems to malware and the possibility of data theft.”