Netskope Cloud Report: HR and Marketing Cloud Usage Grows, Despite Looming GDPR Deadline

We released the latest version of the Netskope Cloud Report today. This quarter, organizations’ cloud usage increased to 1,181 average apps per organization, from 1,022 last report. 92.7 percent of these services are categorized as not enterprise-ready, meaning they rated a “medium” or below on the Netskope Cloud Confidence Index (CCI).

This report had the highest average amount of HR apps in use, with 139 apps per organization. This is especially concerning in light of regulations like the EU General Data Protection Regulation (GDPR), which will require organizations to identify all personal data in use and secure that data to properly exercise data subjects rights.

Other categories with high averages include marketing and collaboration, with 121 and 95 average apps, respectively. Many of these apps will be user-led, shadow IT apps.  Cloud-first organizations want to safely permit these cloud services and not disrupt the business by attempting to block them outright.

Netskope’s unique architecture understands the language of the cloud and provides the ability to perform granular policy control and DLP on thousands of cloud services, even if they are user-led. This means that you can apply the same level of cloud security to user-led cloud services as you can for sanctioned. We recommend concentrating your focus and security policies on these types of cloud services first.

In DLP violations by service category, cloud storage led with 54.7 percent of violations, followed by webmail with 42.5 percent, collaboration with 2.2 percent, and other with 0.6 percent. Download and upload had similar percentages in activity-level violations with 40.4 percent and 40.3 percent, respectively. Send comprised 17.1 percent and other (including view) had 2.2 percent. Granularly controlling specific activities like uploads and downloads in both IT-led and user-led cloud services will be critical in ensuring data security and compliance with regulations while still enabling employee productivity. These types of policies that restrict based on context allow users to still use the apps that make them productive while reducing organizational risk.

For more findings, download the report.