Sign up for our newsletter
Technology / Cloud

Stealthy build-up of Shadow IT a threat for enterprises

CipherCloud has released the results of the industry’s first comprehensive study of cloud usage and risks from 2014.

The "Cloud Adoption & Risk Report in North America & Europe – 2014 Trends" draws insights from CipherCloud users and CloudSource knowledge base, with the report designed to shed light on enterprise cloud usage, risks and geo-specific trends.

Key finding from the study of North American and European firms reveal that:

The average global enterprise uses over 1,100 cloud applications: The study found that cloud adoption is widespread across both North America and Europe, comparatively the ‘typical’ North America enterprise uses over 1,245 cloud applications, while in Europe the average is 981.

White papers from our partners

The report reveals that enterprises are vastly underestimating the extent of shadow IT cloud applications which are being used by their organisations. The statistics revealed in the report show that on average 86% of cloud applications are unsanctioned, for example a major US enterprise estimated 10-15 file sharing applications in use, however, almost 70 were discovered.

Publishing, Social, and Career Clouds are 2014’s most risky cloud categories: The report rates 52% of publishing applications as high risk, while 42% in social and 40% in career clouds were rated as high risk.

Europe is narrowing the gap of cloud adoption to North American: European enterprises leverage the cloud as extensively as in North America, an average European organisation uses 80% as many cloud applications.

70% of US cloud applications used by European organisations are not "Safe Harbour" approved: Only 9% of the clouds used by European enterprises were either based in Europe or in European-approved data transfer regions. The vast amount, 70%, are US clouds without Safe Harbour certification, while 21% were US clouds with certification.

Pravin Kothari, CEO, CipherCloud, said: "The epic breaches of 2014 have catapulted security from the IT boiler room to the board room. While many remember 2014 as the year of the data breach, this study underscores the stealthy build-up of shadow IT, an equally worrisome threat for enterprises on both sides of the Atlantic."

"Rampant cloud adoption has given shadow IT a far bigger footprint than previously recognised. This introduces a multi-pronged problem for companies. It is hard, if not impossible, to protect against something you cannot see. And worse, each unsanctioned application is a vehicle for introducing a host of other risks into the enterprise. Companies must address this problem in order to fully unleash the power of the cloud."

Jeroen Blaas, General Manager, CipherCloud Europe, said: "The findings are eye-opening in debunking conventional wisdom that Europe is behind North America in cloud adoption. In actuality, we’re nearly on par and equally susceptible to the risks that ride into the enterprise on the back of shadow IT."

"And while European privacy regulations are among the most stringent in the world, these findings reveal that regulations don’t stop shadow IT. So it is up to enterprises to be the enforcers of good security hygiene and to protect against all risks to European privacy laws."

The report includes anonymised data of cloud user activity collected for the full 2014 calendar year, spanning thousands of cloud applications.
This article is from the CBROnline archive: some formatting and images may not be present.