Risk
2/26/2014
06:45 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Netskope Survey: More Than 60 Percent Of IT's Most Security Savvy Professionals Are Either Unaware Of Their Company's Cloud App Policies Or Don't Have One

In absence of cloud app policies, more than two-thirds of attendees surveyed said they would consider their company's privacy policy before downloading an app

SAN FRANCISCO, Feb. 26, 2014 /PRNewswire/ -- RSA CONFERENCE 2014 – Today from RSA Conference USA 2014, Netskope&trade, the leader in real-time cloud app analytics and policy enforcement, announced results of a survey on information security professionals' use of cloud apps. Netskope found that despite widespread adoption of cloud apps in the enterprise, most IT security professionals are either unaware of their company's cloud app policy or don't have one. In the absence of cloud app policies, more than two-thirds of attendees surveyed said they would consider their company's privacy policy before downloading an app.

As cloud apps proliferate in the enterprise, the security and privacy risks associated with use of these apps at work is on the rise. According to the recent Netskope Cloud Report, the typical enterprise is using 397 apps, or as much as 10 times the number that IT typically has within its purview. Furthermore, 77% of cloud apps are not enterprise-ready, leaving IT with the challenge of securing these apps and putting policies in place to guide their use.

"It's not surprising to see that although cloud app usage has caught on in the enterprise, the majority of companies are behind on establishing clear policies and guidelines, and as a result employees are in the dark about the implications of their app usage," said Sanjay Beri, founder and CEO, Netskope. "With the amazing benefits that cloud apps bring, enterprises also shoulder significant risks that can no longer be ignored. We expect to see cloud app analytics and policy implementation become a top priority in the coming months as businesses look to optimize their usage of cloud apps with an eye on both agility and security."

The survey – which provides a snapshot of user and corporate practices among a sample of RSA attendees – offered up these conclusions:

Policies Lag Despite Growing Cloud App Adoption in the Enterprise

Although enterprises have more cloud apps in use by employees than ever before, 44% of those surveyed said their company doesn't have a cloud app policy in place. Furthermore, 17% of employees are unaware if their company has a policy.

Employees Want to Consider Company Policy Before Using a Cloud App

Despite the rise of unsanctioned cloud apps in the enterprise, also called "Shadow IT," the majority of respondents take into consideration their company privacy policy before signing up for a cloud app account. Seventy percent of those surveyed said they consider the rules before browsing or hitting the app store, which is good news for companies that have policies in place.

Storage and Consumer Apps are perceived as IT No-No's

When asked about the top apps they do not want IT to know about, respondents said that storage and consumer apps are top of mind. The top three apps they want to keep off IT's radar are:

1. Dropbox (Storage)

2. Twitter (Consumer)

3. Facebook (Consumer)

Netskope helps enterprises identify cloud app usage and enforce policies that protect sensitive information and prevent data loss by giving IT the real-time visibility, deep analytics, and policy enforcement needed to confidently embrace cloud computing. Netskope's solution enables enterprises to improve compliance with data governance rules across industries while supporting the use of cloud apps that enable employees to get their jobs done. For more information visit: http://www.netskope.com/product/.

Survey Methodology

Live interviews were conducted with 120 RSA USA Conference attendees between February 24 and February 25, 2014.

Find Netskope at RSA:

SESSION:

Let Your Users Go Rogue

DATE:

Thursday, February 27 at 10:40 a.m. PT

LOCATION:

Moscone Center, San Francisco

SPEAKERS:

Sanjay Beri, CEO, Netskope (moderator)

Alan Boehme, chief of enterprise architecture, business innovation and emerging technologies, The Coca-Cola Company

Arthur Lessard, senior vice president and chief information security officer, Universal Music Group

Mike Kail, vice president of IT operations, Netflix

OVERVIEW:

Shadow IT is scary! But maybe letting people "go rogue" is a good thing. Join industry thought leaders for a contrarian viewpoint and lively discussion on how to let people use their favorite cloud apps while protecting corporate networks and sensitive data from threats. Learn how they're using big data to gain security visibility and come away with practical advice for enforcing cloud policies.

About Netskope

Netskope&trade is the leader in cloud app analytics and policy enforcement. Only Netskope eliminates the catch-22 between being agile and being secure and compliant by providing complete visibility, enforcing sophisticated policies, and protecting data in cloud apps. The Netskope Active Platform&trade performs deep analytics and lets decision-makers create policies in a few clicks that prevent the loss of sensitive data and optimize cloud app usage in real-time and at scale, whether IT manages the app or not. With Netskope, people get their favorite cloud apps and the business can move fast, with confidence.Netskope is headquartered in Los Altos, California. Visit us at www.netskope.com and follow us on Twitter @Netskope.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0750
Published: 2015-05-22
The administrative web interface in Cisco Hosted Collaboration Solution (HCS) 10.6(1) and earlier allows remote authenticated users to execute arbitrary commands via crafted input to unspecified fields, aka Bug ID CSCut02786.

CVE-2012-1978
Published: 2015-05-21
Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Agenda 2.2.8 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an administrator via a request to auth/process.php, (2) delete an administrator via a request to auth/admi...

CVE-2015-0741
Published: 2015-05-21
Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Prime Central for Hosted Collaboration Solution (PC4HCS) 10.6(1) and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut04596.

CVE-2015-0742
Published: 2015-05-21
The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registrati...

CVE-2015-0746
Published: 2015-05-21
The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outage) by sending many requests, aka Bug ID CSCut62022.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.