98% of enterprise cloud apps are not GDPR ready
Enterprises are using 20 times more cloud apps than IT estimates, with most using an average of 841 across their extended networks.
Blue Coat Systems' Elastica Cloud Threat Labs released findings from its 1H 2016 Shadow Data Threat Report, which included an analysis of more than 15,000 enterprise cloud apps in use and 108 million enterprise documents stored and shared within them.
Of the 15,000 apps analysed, 99 percent do not provide sufficient security, compliance controls and features to effectively protect enterprise data in the cloud. Shadow data continues to be a major threat with 23 percent of it being broadly shared among employees and external parties.
“Understanding which cloud applications your employees are adopting and using is an important step to identifying which apps are business ready and which apps need to be replaced with more secure alternatives,” said Aditya Sood, PhD and director of security and Elastica Cloud Threat Labs at Blue Coat.
It was also discovered that 98 percent of the analysed cloud apps are not GDPR ready.
Nearly two thirds (63 percent) of risky user activity in the cloud indicates attempts to exfiltrate data and 37 percent of suspicious cloud activity indicates attempts to hack into user cloud accounts.
Almost three quarters (71 percent) of business cloud apps don't provide multi-factor authentication and 11 percent of them are still vulnerable to one or more major exploits such as Heartbleed and Poodle SSLv3.
“Adopting new cloud applications can increase a business's productivity and enable organisations to become more agile, but with rapid migration to the cloud comes a significant number of security and regulation challenges,” said Mike Fey, president and COO at Blue Coat Systems. “An effective and comprehensive security solution must provide granular visibility and control over cloud apps and meet new cloud security regulations like the EU's GDPR to qualify as enterprise-grade for organisations doing business in the cloud.”