Risk
2/26/2014
06:45 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Netskope Survey: More Than 60 Percent Of IT's Most Security Savvy Professionals Are Either Unaware Of Their Company's Cloud App Policies Or Don't Have One

In absence of cloud app policies, more than two-thirds of attendees surveyed said they would consider their company's privacy policy before downloading an app

SAN FRANCISCO, Feb. 26, 2014 /PRNewswire/ -- RSA CONFERENCE 2014 – Today from RSA Conference USA 2014, Netskope&trade, the leader in real-time cloud app analytics and policy enforcement, announced results of a survey on information security professionals' use of cloud apps. Netskope found that despite widespread adoption of cloud apps in the enterprise, most IT security professionals are either unaware of their company's cloud app policy or don't have one. In the absence of cloud app policies, more than two-thirds of attendees surveyed said they would consider their company's privacy policy before downloading an app.

As cloud apps proliferate in the enterprise, the security and privacy risks associated with use of these apps at work is on the rise. According to the recent Netskope Cloud Report, the typical enterprise is using 397 apps, or as much as 10 times the number that IT typically has within its purview. Furthermore, 77% of cloud apps are not enterprise-ready, leaving IT with the challenge of securing these apps and putting policies in place to guide their use.

"It's not surprising to see that although cloud app usage has caught on in the enterprise, the majority of companies are behind on establishing clear policies and guidelines, and as a result employees are in the dark about the implications of their app usage," said Sanjay Beri, founder and CEO, Netskope. "With the amazing benefits that cloud apps bring, enterprises also shoulder significant risks that can no longer be ignored. We expect to see cloud app analytics and policy implementation become a top priority in the coming months as businesses look to optimize their usage of cloud apps with an eye on both agility and security."

The survey – which provides a snapshot of user and corporate practices among a sample of RSA attendees – offered up these conclusions:

Policies Lag Despite Growing Cloud App Adoption in the Enterprise

Although enterprises have more cloud apps in use by employees than ever before, 44% of those surveyed said their company doesn't have a cloud app policy in place. Furthermore, 17% of employees are unaware if their company has a policy.

Employees Want to Consider Company Policy Before Using a Cloud App

Despite the rise of unsanctioned cloud apps in the enterprise, also called "Shadow IT," the majority of respondents take into consideration their company privacy policy before signing up for a cloud app account. Seventy percent of those surveyed said they consider the rules before browsing or hitting the app store, which is good news for companies that have policies in place.

Storage and Consumer Apps are perceived as IT No-No's

When asked about the top apps they do not want IT to know about, respondents said that storage and consumer apps are top of mind. The top three apps they want to keep off IT's radar are:

1. Dropbox (Storage)

2. Twitter (Consumer)

3. Facebook (Consumer)

Netskope helps enterprises identify cloud app usage and enforce policies that protect sensitive information and prevent data loss by giving IT the real-time visibility, deep analytics, and policy enforcement needed to confidently embrace cloud computing. Netskope's solution enables enterprises to improve compliance with data governance rules across industries while supporting the use of cloud apps that enable employees to get their jobs done. For more information visit: http://www.netskope.com/product/.

Survey Methodology

Live interviews were conducted with 120 RSA USA Conference attendees between February 24 and February 25, 2014.

Find Netskope at RSA:

SESSION:

Let Your Users Go Rogue

DATE:

Thursday, February 27 at 10:40 a.m. PT

LOCATION:

Moscone Center, San Francisco

SPEAKERS:

Sanjay Beri, CEO, Netskope (moderator)

Alan Boehme, chief of enterprise architecture, business innovation and emerging technologies, The Coca-Cola Company

Arthur Lessard, senior vice president and chief information security officer, Universal Music Group

Mike Kail, vice president of IT operations, Netflix

OVERVIEW:

Shadow IT is scary! But maybe letting people "go rogue" is a good thing. Join industry thought leaders for a contrarian viewpoint and lively discussion on how to let people use their favorite cloud apps while protecting corporate networks and sensitive data from threats. Learn how they're using big data to gain security visibility and come away with practical advice for enforcing cloud policies.

About Netskope

Netskope&trade is the leader in cloud app analytics and policy enforcement. Only Netskope eliminates the catch-22 between being agile and being secure and compliant by providing complete visibility, enforcing sophisticated policies, and protecting data in cloud apps. The Netskope Active Platform&trade performs deep analytics and lets decision-makers create policies in a few clicks that prevent the loss of sensitive data and optimize cloud app usage in real-time and at scale, whether IT manages the app or not. With Netskope, people get their favorite cloud apps and the business can move fast, with confidence.Netskope is headquartered in Los Altos, California. Visit us at www.netskope.com and follow us on Twitter @Netskope.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0993
Published: 2014-09-15
Buffer overflow in the Vcl.Graphics.TPicture.Bitmap implementation in the Visual Component Library (VCL) in Embarcadero Delphi XE6 20.0.15596.9843 and C++ Builder XE6 20.0.15596.9843 allows remote attackers to execute arbitrary code via a crafted BMP file.

CVE-2014-2375
Published: 2014-09-15
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service (disk consumption), via the CSV export feature.

CVE-2014-2376
Published: 2014-09-15
SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVE-2014-2377
Published: 2014-09-15
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag.

CVE-2014-3077
Published: 2014-09-15
IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x before 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
CISO Insider: An Interview with James Christiansen, Vice President, Information Risk Management, Office of the CISO, Accuvant