The latest report from the Netskope threat research center, published in July 2021, shows that the majority of cloud services used in mid-size companies are shadow IT, representing a significant security risk.
In the latest edition of its report on cloud threats, which analyzes anonymized customer data collected between January and June 2021, publisher Netskope highlights the overwhelming proportion of shadow IT in the cloud applications and services used: in total, 97% of Cloud applications and services used by businesses are not trusted, supported, or secure by IT teams. The report also points to a marked increase in the volume of cloud applications in mid-sized organizations (between 500 and 2,000 employees), the number of which increased by 22% compared to the previous edition, to reach the number of 805.
Unsurprisingly, security suffers more and more. The share of malware distributed by cloud applications rose to 68%, compared to 61% a year earlier. The most problematic applications are storage services, which account for 67% of infection vectors, the other major channel being Office documents (43%). The report points to another problem, that of access management on authorized cloud applications and IaaS. Analysis of the data shows that over a third (35%) of all tasks within AWS, Azure, and Google Cloud Platform are not restricted, exposing businesses to cyberattacks. The study also raises a specific risk for organizations using Google Workspace: 97% of users of the service use their credentials to access third-party applications, which in turn can obtain a certain number of authorizations – including access to Google Drive files – if users aren’t careful. Finally, the report highlights data exfiltration attempts by employees who are about to leave their jobs: departing employees download three times more data to personal tools in their last month, and 15% of that data comes from a corporate body or directly violates a corporate data policy.