Welcome!

News Feed Item

9 Out of 10 Cloud Services Are Putting European Businesses at Risk

Skyhigh Networks, the Cloud Visibility and Enablement company, today released its first European ‘Cloud Adoption and Risk Report’, to coincide with the company’s expansion into the region. The report analyses usage data from more than one million users across more than 40 companies spanning the financial services, healthcare, high technology, manufacturing, media, and professional service industries to quantify the use of cloud services and the security risk that they pose to enterprises.

A key finding was that enterprises used an average of 588 cloud services. Even if one were to ignore the EU data residency requirements, only 9% of the cloud services in use provide enterprise-grade security capabilities, while the remaining 91% (more than 9 out of 10) pose medium to high security risks to organisations. From a data privacy and data residency perspective, only 1% of the cloud services in use both offer enterprise-grade security capabilities and store data in Europe’s jurisdictional boundaries, and the remaining 99%, either store data in countries where data privacy laws are less stringent or don’t have enterprise-grade security capabilities, or both.

Shadow IT Can Be Risky Business

Much of the cloud adoption within European organisations occurs under the radar of the CIO or CISO – leading to a situation where Shadow IT is widespread and uncontrolled. The ease with which employees can now consume cloud applications means that there is often little consideration for the security implications or impact on wider business policies. When CIOs examine the use of cloud services across the organisation, they generally find Shadow IT is 10 times more prevalent than they initially assumed.

Key findings from the report include:

  • Only 5% of cloud services in Europe are ISO 27001 certified, posing compliance issues for those organisations unaware that their employees are using uncertified services.
  • 25 of the top 30 cloud services in the collaboration, content sharing, and file sharing categories were based in countries (United States, Russia, China) where the privacy laws are far less stringent compared to Europe.
  • 49 different services in use are tracking the browsing behaviour of employees on the Internet. This exposes organisations to the increasingly prevalent watering hole attack.

“Cloud services certainly enable agile, flexible, and efficient businesses, and employees should be encouraged to use services that best suit their working style and enhance their productivity,” said Rajiv Gupta, CEO Skyhigh Networks. “However, it is evident from this study that too many employees are still unaware of the risks associated with some cloud services, and could even be jeopardising the overall security position of their organisation. Of the services that we analysed, 72% stored data in the US – which could have legal and compliance implications for certain organisations in Europe. The bottom line is that businesses need to get smarter about the cloud. IT needs to develop a greater understanding of the cloud services in use and the risk they present, and play a leadership role in educating users and guiding the organisation to securely embrace the cloud.”

Skyhigh Networks in Europe

Charlie Howe, EMEA director of Skyhigh Networks, is leading the company’s expansion into Europe. He aims to help companies establish a deeper visibility into cloud usage, analyse usage to determine risks, and enable the secure and cost-effective adoption of cloud applications.

Skyhigh Networks’ technology facilitates this by supporting the entire cloud adoption lifecycle, providing unparalleled visibility, usage analytics, and policy enforcement. Skyhigh Discover enables organisations to gain a comprehensive view into their cloud usage and leverage objective risk ratings to identify services that are enterprise-ready. These risk ratings are part of Skyhigh’s CloudTrust™ program, which was developed in partnership with the Cloud Security Alliance (CSA). Skyhigh Analyse identifies usage patterns to enable new cloud services, better manage subscriptions, and highlight anomalous user activity. Skyhigh Secure consistently and transparently enforces security policies such as encryption, data loss prevention, and access control on corporate data stored in the cloud.

“Europe is facing something of a crossroads with regard to cloud adoption and security,” said Howe. “The discrepancy between the perceived and actual number and risks of services in use at each organisation is worrying to say the least. CIOs need to get a better grip on this if they are to avoid the huge reputational and financial repercussions of poor data security. While blanket bans on cloud services were once the only option, CIOs now have the tools and services that will enable them to empower employees to use the cloud services that grow the business while ensuring compliance with internal and external data privacy, security, and governance policies.”

The full report, including top 10 ratings of the most popular cloud applications in each type of service, is available here: http://www.skyhighnetworks.com/wp-content/uploads/2014/04/Skyhigh-Cloud-Adoption-Risk-Report-EU-0414.pdf

ABOUT THE CLOUD ADOPTION AND RISK REPORT

The Cloud Adoption and Risk Report is based on data from more than one million users across more than 40 companies spanning financial services, high technology, oil and gas, manufacturing, retail and utilities industries. The top 10 services are based on the number of users of the service. The risk of each service is based on Skyhigh CloudTrust™, which assigns a 1-to-10 risk rating based on detailed, objective and weighted assessment of more than 30 attributes across data risk, user risk, device risk, service risk, business risk, and legal risk.

ABOUT SKYHIGH NETWORKS

Skyhigh Networks, the Cloud Visibility and Enablement Company, allows companies to embrace cloud services with appropriate levels of security, compliance, and governance while lowering overall risk and cost. With customers in financial services, professional services, energy, healthcare, high technology, media and entertainment, manufacturing, and legal verticals, the company was a finalist for the RSA Conference Most Innovative Company award and was recently named a “Cool Vendor” by Gartner, Inc. Headquartered in Cupertino, Calif., Skyhigh Networks is led by an experienced team and is venture-backed by Greylock Partners and Sequoia Capital. For more information, visit us at http://www.skyhighnetworks.com or follow us on Twitter @skyhighnetworks.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in ...
Without lifecycle traceability and visibility across the tool chain, stakeholders from Planning-to-Ops have limited insight and answers to who, what, when, why and how across the DevOps lifecycle. This impacts the ability to deliver high quality software at the needed velocity to drive positive business outcomes. In his general session at @DevOpsSummit at 19th Cloud Expo, Eric Robertson, General Manager at CollabNet, will discuss how customers are able to achieve a level of transparency that e...
It is ironic, but perhaps not unexpected, that many organizations who want the benefits of using an Agile approach to deliver software use a waterfall approach to adopting Agile practices: they form plans, they set milestones, and they measure progress by how many teams they have engaged. Old habits die hard, but like most waterfall software projects, most waterfall-style Agile adoption efforts fail to produce the results desired. The problem is that to get the results they want, they have to ch...
"Venafi has a platform that allows you to manage, centralize and automate the complete life cycle of keys and certificates within the organization," explained Gina Osmond, Sr. Field Marketing Manager at Venafi, in this SYS-CON.tv interview at DevOps at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
"We're focused on how to get some of the attributes that you would expect from an Amazon, Azure, Google, and doing that on-prem. We believe today that you can actually get those types of things done with certain architectures available in the market today," explained Steve Conner, VP of Sales at Cloudistics, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
For far too long technology teams have lived in siloes. Not only physical siloes, but cultural siloes pushed by competing objectives. This includes informational siloes where business users require one set of data and tech teams require different data. DevOps intends to bridge these gaps to make tech driven operations more aligned and efficient.
Organizations planning enterprise data center consolidation and modernization projects are faced with a challenging, costly reality. Requirements to deploy modern, cloud-native applications simultaneously with traditional client/server applications are almost impossible to achieve with hardware-centric enterprise infrastructure. Compute and network infrastructure are fast moving down a software-defined path, but storage has been a laggard. Until now.
Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service.
DXWorldEXPO LLC announced today that the upcoming DXWorldEXPO | CloudEXPO New York event will feature 10 companies from Poland to participate at the "Poland Digital Transformation Pavilion" on November 12-13, 2018.
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
The best way to leverage your CloudEXPO | DXWorldEXPO presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering CloudEXPO | DXWorldEXPO will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at CloudEXPO. Product announcements during our show provide your company with the most reach through our targeted audienc...
With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO and DXWorldEXPO are two of the most important technology events of the year. Since its launch over eight years ago, @CloudEXPO and DXWorldEXPO have presented a rock star faculty as well as showcased hundreds of sponsors and exhibitors!
In an era of historic innovation fueled by unprecedented access to data and technology, the low cost and risk of entering new markets has leveled the playing field for business. Today, any ambitious innovator can easily introduce a new application or product that can reinvent business models and transform the client experience. In their Day 2 Keynote at 19th Cloud Expo, Mercer Rowe, IBM Vice President of Strategic Alliances, and Raejeanne Skillern, Intel Vice President of Data Center Group and ...
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, led attendees through the exciting evolution of the cloud. He looked at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering m...
More and more brands have jumped on the IoT bandwagon. We have an excess of wearables – activity trackers, smartwatches, smart glasses and sneakers, and more that track seemingly endless datapoints. However, most consumers have no idea what “IoT” means. Creating more wearables that track data shouldn't be the aim of brands; delivering meaningful, tangible relevance to their users should be. We're in a period in which the IoT pendulum is still swinging. Initially, it swung toward "smart for smart...