The number of cloud apps in use across enterprises is soaring, and it was already a lofty number. On average, employees use 917 different cloud apps within a given enterprise organization. Out of that total, unsanctioned apps represent 95% of an enterprise’s total cloud app footprint. Security and auditing are not at the core of most of these apps, and only 6% of them would be considered “enterprise ready.” A growing portion of corporate data is entering the cloud, and given this insight, that’s a pretty scary thought.
Trends in mobility and cloud use increase the insider threat, because existing data security policies and technologies often fail to address the data moving through or stored in cloud apps. At this year’s RSA conference, only 37% of respondents indicated that their organization had a solid policy to address cloud-based threats. A recent Gemalto survey found that half of all cloud services and corporate data stored in the cloud is not controlled by IT. In fact, only a third of sensitive data encrypted in cloud-based apps.
Defense-in-Depth Meets Public Cloud Storage
As we see with mobility, there is a definite lag among organizations to respond to the data security threats that the cloud represents. While organizations struggle to meet the demands of employees, by enabling mobile and cloud use, the threats multiply. The solution, as with all approaches to data security, requires that organizations adopt a defense-in-depth approach. With this type of strategy, policies, procedures and education are supplemented with layers of technology to protect data, wherever it resides. Moreover, security updates and alerts should be automated as much as possible to speed up time-to-detection.
Absolute recently released an update to Absolute DDS which extends our Endpoint Data Discovery (EDD) functionality. Now you can detect at-risk data in cloud storage applications like Dropbox, Box, iCloud and One Drive. Using our application, you can determine which cloud applications are being used and if sensitive data is being stored in those applications. Together, this adds visibility to a growing area of data security. To learn more, visit Absolute.com