Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Shadow IT Growth Introducing Huge Compliance Risks: Report

Organizations Not Working to Defend Shadow IT Are in Danger of Data Loss and Regulatory Violations

Organizations Not Working to Defend Shadow IT Are in Danger of Data Loss and Regulatory Violations

Shadow IT continues to grow, while senior management remains in denial. The average enterprise now uses 1,232 cloud apps (up 33% from the second half of last year), while CIOs still believe their organizations use between just 30 and 40 cloud apps and services. Within this cloud, 20% of all stored data is at risk from being ‘broadly shared’.

The figures come from 1H 2017 Shadow Data Report (PDF), based on aggregated and anonymized data from 22,000 cloud apps and services, 465 million documents, and 2.3 billion emails used by Symantec’s CloudSOC (CASB) customers.

CloudSOC was acquired by Symantec when it bought Blue Coat Systems for $4.65 billion in June 2016. Symantec defines ‘broadly shared’ as “documents that are widely shared with employees within the organization, documents that have been shared externally with specific individuals such as contractors and partners, and documents shared to the public.” Put briefly, they have a high risk of exposure.

Of that 20% of broadly shared data, 2% specifically contain compliance-related data such as personally identifiable information (PII), payment card industry information (PCI) and protected health information (PHI). This means that CloudSOC customers over-shared 93 million documents. Of these, 2% (1.86 million) contained PCI; 19% (17.67 million) contained PII; and 79% (73.47 million) contained PHI; all of which potentially put the organization in breach of a range of regulatory requirements.

The figures are even worse for emails. Twenty-nine percent of the 2.3 billion emails analyzed are broadly shared and at risk of leakage. Nine percent of these contain compliance-related data: 64% contain PII, 9% contain PHI, and 27% contain PCI. To put these figures in context, Symantec found 207 million at risk emails. Within these, it found 132.48 million emails containing PII data.

Cloud apps are a popular target for hackers, and Symantec’s research evaluated the incidence of users’ high risk actions in the cloud. The biggest threat is the loss of data, and the researchers found that 71% of the detected high risk behaviors indicated attempts to exfiltrate data. Seventeen percent indicated attempted brute force attacks; 6% indicated attempts to destroy data; and 6% indicated attempts to hack into user cloud accounts.

The researchers mapped the high risk behaviors to the users’ organizations. It found that an astonishing 14% of companies have 50% or more of their employees demonstrating high risk behavior within the cloud apps and services. On the plus side, 53% of their customers have zero high risk employees — indicating that some organizations are doing a good job with their user awareness training, while others have a distance to go.

Advertisement. Scroll to continue reading.

It is important to remember that these figures come from customers of Symantec’s CloudSOC CASB. They are already making efforts to protect their cloud-based data. We don’t know if similar figures would be replicated by other CASB users — but one thing is clear. Any organization that is not specifically trying to defend its Shadow IT is in serious danger of data loss and regulatory violations.

Related: Symantec Enhances Endpoint Protection Capabilities 

Related: Stealthy Attack Could Hit 50 Percent of Large Office 365 Customers

Related: Cloud Governance Fails Could Trigger Privacy Compliance Issues

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Compliance

Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Email Security

Many Fortune 500, FTSE 100 and ASX 100 companies have failed to properly implement the DMARC standard, exposing their customers and partners to phishing...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.