Healthcare – The Most Violations or Simply the Most Proactive?

Today we released our Cloud Report for Fall 2015 – global as well as Europe, Middle East and Africa versions. Each quarter we report on aggregated, anonymized findings such as top used apps, top activities, and top policy violations from across our customers using the Netskope Active Platform.

For the first time, this report breaks down trends by industry group, focusing on five key groupings with similar usage characteristics. They are:

• Healthcare and life sciences;
• Financial services, banking, and insurance;
• Retail, restaurants, and hospitality;
• Manufacturing; and
• Technology and IT services

The most surprising finding in this season’s report is the sheer difference between the healthcare and life sciences industry grouping and the others. Healthcare and life sciences has the highest number of DLP policy violations in content at rest in sanctioned apps (21.1 percent of files scanned), as well as the largest percentage of overall DLP policy violations (76.2 percent of all violations) for both content en route to or at rest in cloud apps, even though the group only accounts for 27.6 percent of the user base in the Netskope Active Platform.

The immediate conclusion is that the healthcare and life sciences industry group is rife with data violations, but there may be more than meets the eye. Remember, it takes two to violate a policy: 1. The policy needs to be set; and 2. A user needs to violate the policy. So a high number of violations could simply be an indicator of proactive policy-setting. Because we only see aggregated, anonymized data in our cloud, we can’t know who’s setting policies, but anecdotally, our customers in healthcare and life sciences are pretty advanced. These are organizations for which the cloud creates a significant competitive advantage (so they need to be there!), yet also have a lot to lose if something should go wrong (medical records are worth more than credit cards, according to recent studies like this one).

What does that say for everybody else? First off, we think we are in the early innings of cloud policies. We are seeing the majority of our policy violations in healthcare and life sciences, but we expect more in retail, manufacturing, and other industries as those industries enforce more PCI, PII, and “confidential” DLP violations. Also, we see a high concentration of violations in the Cloud Storage category (Google Drive, Dropbox, Box, etc.) versus in apps across the board. As organizations enforce more DLP policies in a broader set of apps such as in the Finance/Accounting, HR, and Software Development categories, we expect to see more of a range of violations, taking action on sensitive content, risky activities, and non-compliant access.

Across what app categories and activities do you intend to set your next cloud policy?