Cloud use could be putting businesses at risk
According to a new study, 69.7 percent of cloud applications do not specify whether the customer keeps ownership of uploaded data, just 8.7 percent commit to not sharing data with third parties, and only 16 percent delete data immediately after contract termination.
All three of these things could leave businesses open to non-compliance files under the EU's GDPR requirements. The report from cloud security company Skyhigh Networks analyses real life cloud usage data from 30 million cloud users worldwide to assess the risk the cloud presents.
What businesses upload is important too, 18.1 percent of files uploaded to cloud-based file sharing and collaboration services contain sensitive data, including financial details and personally identifiable information like social security numbers and dates of birth.
"With companies now accessing an average of 1,427 cloud services and generating more than 2.7 billion cloud transactions per month, cloud security cannot be ignored," says Nigel Hawthorn, Skyhigh Networks' chief European spokesperson. "It's concerning that so many cloud service providers do not specify who owns data after upload and so few commit to not sharing it with third parties, as both could potentially see data falling into the wrong hands. IT should not be a department that simply says 'no', but instead one that knows how to proactively push employees towards safe and trusted cloud services".
The report also shows that there's a growing 'cloud enforcement gap' between what companies think they're blocking compared to how much they actually are. This is especially true with social media sites, for example enterprises believe the blocking rate for Instagram is 43.7 percent when it's actually only 6.4. The enforcement gap for other social media sites include Facebook with an intended block rate of 49.2 percent and an actual rate of 28.8, Snapchat (63 vs 20.2) and Twitter (30.8 vs 12.6).
In addition, 31.3 percent of applications used in the enterprise are deemed too risky and not sanctioned by IT. Three of the top 10 most outlawed cloud applications are PDF converters (PDF split, PDF unlock! and PDF to doc), which to some are a seemingly innocuous service that aids productivity.
For more information you can download the full report from the Skyhigh website.