1 in 10 broadly shared files in cloud apps expose sensitive and regulated data, reveals new Elastica cloud threat labs report from Blue Coat


Enterprise shadow data threat on rise as cloud app usage surges in the enterprise, opening organisations to $1.9 million in potential losses

Bluecoat LogoBlue Coat Systems has released its Q4 2015 Shadow Data Report from the Elastica Cloud Threat Labs team (www.Elastica.net). Analysis conducted using the Elastica CloudSOC platform provided insights into 63 million enterprise documents within leading cloud applications, including Microsoft Office 365, Google Drive, Salesforce, Box and others. The report provides analytics revealing how the threat of shadow data is on the rise as employees use cloud apps to share information within their organisations, among partners, and with customers. The shadow data threat was first identified by the Elastica Cloud Threat Labs in 2014 and describes any sensitive information that is uploaded and shared in cloud apps without the knowledge, consent or control of IT security teams, which may put an organisation at risk of a costly data breach.

Among the most salient findings was that organisations are not aware that 26 per cent of documents stored in cloud apps are broadly shared, meaning that any employee can access them, that they are shared externally with contractors and partners, and in some cases publicly accessible and discoverable through Google search. Equally alarming are findings showing that 1 out of 10 documents shared broadly contain data that is sensitive and/or subject to compliance regulations, such as source code (48 per cent), Personally Identifiable Information (PII) (33 per cent), Protected Health Information (PHI) (14 per cent), and Payment Card Industry (PCI) data (5 per cent).

Shadow data driving financial risks
The level of financial risk shadow data is creating among organisations is significant. For the second half of 2015, Elastica calculated that the potential financial impact on the average organisation from the leakage of its sensitive cloud data was $1.9 million. Healthcare organisations face an even greater risk with a potential impact reaching as high as $12 million. The education sector also ranked high for financial risk at $5.9 million.

Cloud app usage up From 774 to 812 per organisation; Office 365 tops the list of popular cloud apps
Elastica analysed the most popular cloud business applications and found that Microsoft Office 365 was the most widely used, knocking Twitter out of the top spot from earlier this year. The analysis showed that companies currently have, on average, 812 cloud applications running, up from 774 when last reported in June; a 5 per cent increase. The top 10 apps in use within enterprises today are: 1) Office 365; 2) Twitter; 3) YouTube; 4) LinkedIn; 5) Google Apps; 6) Salesforce; 7) AWS; 8) Dropbox; 9) Skype; 10) Box.

Multiple, varied threats targeting cloud data
Analysis revealed that there were three primary threats facing organisations using sanctioned and unsanctioned cloud apps: 1) data exfiltration (Theft), 2) data destruction, and 3) account takeover. To no one’s surprise, exfiltration was the most frequent threat at 77 per cent; what’s interesting to note are the methods by which exfiltration is taking place: anomalous frequent emails Sent (18 per cent), anomalous frequent sharing (41 per cent), anomalous frequent downloads (15 per cent), and anomalous frequent previews (3 per cent). The latter may suggest users are taking screenshots of sensitive data.

“We’ve reached a point in the security lifecycle where shadow IT should no longer be the primary focus. By now, organisations should have a grip on cloud applications available and have enforceable policies in place with the ability to control which are in use,” said Rehan Jalil of Blue Coat Systems and Elastica founder. “It’s time to start focusing on the real problems, which are the need to know what types of information employees are sharing, who is able to access data and how to stop high-risk exposures that lead to data breaches.”

The Elastica CloudSOC platform from Blue Coat provides enterprises with a range of solutions that ensure visibility, access control and protection of their data in the cloud. For example, enterprise organisations can leverage Elastica to dynamically monitor and classify all sensitive content being uploaded, downloaded or shared via Dropbox. Granular policies can be created and enforced to ensure users are compliant with corporate policies, while still reaping the benefits of the cloud. In addition, the Elastica CloudSOC solution can automatically identify threatening activity to Dropbox accounts indicative of compromised credentials or malicious insider attacks. Tapping advanced user behaviour analytics, the Elastica solution continuously monitors account activity and generates a dynamic ThreatScore that can be leveraged to alert on or block threatening activity.

To access the full Q4 2015 Shadow Data Report, visit https://www.elastica.net/q4-2015-shadow-data-report

Interact with Elastica:


About Blue Coat Systems
Blue Coat is a leader in advanced enterprise security, protecting 15,000 organisations every day, including 88 of the 100 largest global companies. Through the Blue Coat Security Platform, Blue Coat unites network, security and cloud, providing customers with maximum protection against advanced threats, while minimising impact on network performance and enabling cloud applications and services. Blue Coat acquired Elastica, the leader in Data Science Powered™ Cloud Access Security, in November 2015. The Elastica CloudSOC™ platform from Blue Coat empowers companies to confidently leverage cloud applications and services while staying safe, secure and compliant. Blue Coat was acquired by Bain Capital in March 2015. For additional information, please visit www.bluecoat.com and http://www.elastica.net


Comments are closed.