Shadow IT continues to give cause for concern

As cloud computing re-charts the path of enterprise IT, organisations are vastly underestimating the level of shadow IT in their cloud ecosystems. CipherCloud has unveiled the results of the industry’s first comprehensive study of cloud usage and risks from 2014, compiled from enterprise users in North America and Europe. 

  • 9 years ago Posted in

The “Cloud Adoption & Risk Report in North America & Europe – 2014 Trends” draws insight from CipherCloud’s millions of users from its market leading customers and its extensive CloudSource™ knowledge base to shed light on enterprise cloud usage, risks and regional geo-specific trends. This report includes anonymised data of cloud user activity collected for the full 2014 calendar year, spanning thousands of cloud applications. 

With faster time to market, massive economy of scale, and unparalleled agility, the cloud is entering enterprises at an unprecedented rate. As a result, hundreds of high risk cloud applications are commonly used across North American and European organisations.

Key Findings from the extensive study of North American and European firms in 2014.

The average global enterprise uses over 1,100 cloud applications: Our study found widespread cloud adoption across North America and Europe. In our 2014 data, a typical North America enterprise used over 1,245 cloud applications while those in Europe used 981 applications on average.

86% of cloud applications used by enterprises are unsanctioned “Shadow IT”
Our study found that enterprises vastly underestimate the extent of shadow IT cloud applications used by their organisations. Various media sources claim 10% to 50% of cloud apps are not visible to IT. Our statistics show that on average 86% of cloud applications are unsanctioned. For example, a major US enterprise estimated 10-15 file sharing applications were in use, but discovered almost 70.

Publishing, Social, and Career Clouds are 2014’s most risky cloud categories: Our research rated 52% of applications in Publishing as high risk. Similarly, 42% in Social and 40% in Career clouds are rated as high risk. These three represent the highest risk across all cloud applications.

Europe is narrowing the gap of cloud adoption to North America. Contrary to widespread beliefs that Europe lags North America significantly in cloud adoption, our research found that European enterprises leverage the cloud just as extensively as North America – an average European organisation uses 80% as many cloud applications in 2014, distributed across similar application categories.

70% of US cloud applications used by European organisations are not “Safe Harbour” approved: In our data set, we found that only 9% of the clouds used by European enterprises were either based in Europe or in European-approved data transfer regions; 21% were US clouds and Safe Harbour approved. The rest, a whopping 70%, were US clouds without Safe Harbour certification.

“The epic breaches of 2014 have catapulted security from the IT boiler room to the board room,” said Pravin Kothari, founder and CEO, CipherCloud. “While many remember 2014 as the year of the data breach, this study underscores the stealthy build-up of shadow IT, an equally worrisome threat for enterprises on both sides of the Atlantic. Rampant cloud adoption has given shadow IT a far bigger footprint than previously recognised. This introduces a multi-pronged problem for companies. It is hard, if not impossible, to protect against something you cannot see. And worse, each unsanctioned application is a vehicle for introducing a host of other risks into the enterprise. Companies must address this problem in order to fully unleash the power of the cloud.”

“The findings are eye-opening in debunking conventional wisdom that Europe is behind North America in cloud adoption,” said Jeroen Blaas, General Manager, CipherCloud Europe. “In actuality, we’re nearly on par and equally susceptible to the risks that ride into the enterprise on the back of shadow IT. And while European privacy regulations are among the most stringent in the world, these findings reveal that regulations don’t stop shadow IT. So it is up to enterprises to be the enforcers of good security hygiene and to protect against all risks to European privacy laws.”   

Talent and training partner, mthree, which supports major global tech, banking, and business...
On average, only 48% of digital initiatives meet or exceed business outcome targets, according to...
GPUaaS provides customers on-demand access to powerful accelerated resources for AI, machine...
TMF Group, a leading provider of critical administrative services for global businesses, turned to...
Strengthening its cloud credentials as part of its mission to champion the broader UK tech sector...
Nearly all UK IT managers surveyed (98%) state cloud investment is an organisational priority for...
LetsGetChecked is a global healthcare solutions company that provides the tools to manage health...
Node4 to the rescue.