Cloud services account for 85% of all enterprise web traffic, signaling a need for enterprises to adopt a holistic approach to securing the cloud and web, a Netskope Cloud Report reveals.
Top 20 cloud services list
“As today’s enterprises embrace digital transformation and increasingly replace traditional web use with cloud service use, it is imperative to assess whether proper controls are in place to secure all traffic.
“While most tools are focusing on traditional web traffic, this significant shift to cloud usage is what’s causing security teams to go blind,” said Jason Clark, Chief Strategy Officer at Netskope.
“There is no one-size-fits-all approach to properly securing an enterprise as it embraces new tools and technologies, but a clear understanding of traffic and proper vigilance should be a requirement for all.”
Top policy violations differ for cloud and web
The top three policy violations detected in enterprise cloud services include DLP policy violations, cloud activity policy violations, and anomalous activity violations.
For traditional web traffic, the top three policy violations reported include acceptable use policy violations, malicious site violations, and malware detections. This data indicates the need for one tool or technology to address modern threats – a “one size fits all” for cloud and web.
While identifying sensitive data and preventing its movement is critical to specific cloud services, policing acceptable use of web applications is a top and different challenge altogether.
Cloud storage, collaboration tools, and social media apps top the cloud service usage list
Cloud storage and collaboration apps comprise the majority of the top 20 cloud services list, with consumer-focused social media services like Facebook, Twitter, LinkedIn and YouTube also prominent on the list, a signal that more enterprises are allowing employees to use corporate networks for personal use.
Multiple app instances drives heavy cloud service use
The heavy use of cloud services is often driven by multiple instances of cloud service usage across an organization.
Factors that impact the number of instances being used include the personal use of popular services, the use of app instances by individual departments or teams within an organization and the use of app instances with third-parties like business partners and customers.
New in this report, the average enterprise is using approximately 100 unique instances each for Facebook, Yahoo Mail, and Google Gmail – which further highlights the convergence of personal/consumer applications and business operations.
Number of cloud services per enterprise is growing, but large majority are not enterprise ready
For this report, the average number of cloud services per enterprise increased by 3.9% to 1,295 cloud services, compared to 1,246 in the previous report from October 2018.
As in previous reports, Netskope assesses cloud services on over 50 criteria to determine its enterprise readiness through the Netskope Cloud Confidence Index(CCI). On a scale of 0 to 100, services that receive a rating of 74 or below are not deemed enterprise ready.
Criteria indicating this lack of enterprise quality in cloud services, include inadequate compliance certifications, DLP policy controls or encryption. This report found that 96.3% of services fall within this category, a 3.6% increase from the previous report.
As illustrated in previous reports, HR, marketing and collaboration cloud services continue to be the most highly used, opening organizations to exposure of both customer and employee data.