Cloud adaptation among enterprises continues to grow. According to Netskope’s new report, this is both good and bad, as unsanctioned cloud service usage is still present, and many cloud services are still not fully GDPR-compliant.
Here are more details from the report: The average number of cloud services a company in the EMEA region uses is now 845, up from 824 just a quarter ago. A vast majority (95 per cent) aren’t enterprise-ready, and that’s probably the biggest issue. The report says Shadow IT is even present among sanctioned services. For example, users have personal Dropbox or Box accounts, and they use them while working, making detection and mitigation basically impossible. When it comes to complying with GDPR, 66 per cent of all cloud services aren’t compliant, the report says. That means they lack residency, privacy and security controls.
Things are moving in the right direction, however, as just half a year ago, Netskope said 75 per cent of all services weren’t compliant. More than four fifths (82 per cent) don’t encrypt data at rest, 66 per cent don’t specify if their customers own the data in ToS, and 42 per cent don’t allow admins to enforce password controls.
“Until very recently, organisations had to take an all-or-nothing approach to allowing cloud services. If they sanctioned a cloud storage service for corporate use, they also needed to accept any additional personal instances of that cloud storage service or block the service entirely,” said Sanjay Beri, founder and CEO, Netskope.
“As our customers make cloud services a strategic advantage for their businesses, when it comes to governing and securing those services, they are realising granular policies can ensure that sensitive data does not leak from the sanctioned instance of a corporate cloud service to an unsanctioned one.”
Image Credit: Everything Possible / Shutterstock