Netskope Threat Research: Data Sprawl Creating Personal App Use Risk
By Roy Urrico
Finopotamus aims to highlight white papers, surveys and reports that provide a glimpse as to what is taking place and/or impacting credit unions and other organizations in the financial services industry.
The Netskope Cloud and Threat Report: Cloud Data Sprawl found that cloud app use within organizations continues to rise. It has already increased 35% since the beginning of 2022, with an average company of 500-2,000 users uploading, creating, sharing or storing data in 138 different apps, and using an average of 1,558 distinct cloud apps each month.
The report comes from Santa Clara, Calif.-based Netskope, which provides Security Service Edge (SSE), a cloud platform that integrates security capabilities, and Zero Trust, a security framework authenticating all internal and external users. It found that 22% of users upload, create, share or store data in personal apps and personal instances, with Gmail, WhatsApp, Google Drive, Facebook, WeTransfer, and LinkedIn ranking as the most popular personal apps and personal instances.
Netskope described a personal app, such as WhatsApp, as an app that only sees personal usage from personal accounts. A personal instance, on the other hand, takes place when a specific organization manages an individual app account. For example, an organization that uses Google Workspace would oversee an employee’s personal Gmail account.
"Cloud apps have helped to increase productivity and enable hybrid work, but they have also caused an ever-increasing amount of data sprawl that puts sensitive data at risk," said Ray Canzanese, threat research director at Netskope Threat Labs. A team of Netskope cloud threat and malware researchers produced the Cloud and Threat report, based on anonymized usage data from January 1 through May 31, 2022.
Personal Apps and Instances
"Personal apps and instances are particularly concerning, since users maintain access to data stored in those instances even well after they leave an organization," Canzanese pointed out. "Proactive security measures – especially policy controls that limit access to sensitive data to only authorized users and devices and prevent sensitive data from being uploaded to personal apps and personal instances – can help reduce the risks of loss or exposure of sensitive data."
Canzanese also noted, "Organizations are usually surprised when they discover just how many overlapping apps they are using. Gaining this visibility is an important step to helping rein in cloud sprawl and reduce the risks it poses to sensitive data." He emphasized that once an organization is made aware of exposed data, it can enforce policies that reduce data risks without compromising productivity. "Data security and productivity don't have to be a tradeoff."
Insider and Other Risks
Highlighting a continued trend in insider risk, the report also revealed that one in five users upload an unusually high amount of data to personal apps and personal instances during the 30 days before leaving an organization, marking an increase of 33% over the same time period in 2021.
The Netskope report suggested organizations can implement policies to limit the use of personal instances, reducing the risk they pose to data security. For example, personal app usage is lowest in financial services and highest in retail.
The report found that the financial services sector has had the most success in limiting the flow of data into personal apps and instances, with less than one in 10 users (9.6%) doing so, whereas nearly four in 10 users (39.1%) in the retail sector upload data to personal apps and instances.
Other findings included:
· More users than ever are uploading, creating, sharing, or storing data in cloud apps. The percentage of users with data activity in cloud apps increased from 65% to 79% in the first five months of 2022, with cloud storage, collaboration, and webmail apps ranking as the top cloud app categories used within organizations.
· Organizations use many apps with overlapping functionality. Of the 138 apps in which an organization with 500–2,000 users uploads, creates, shares, or stores data, there are on average four webmail apps, seven cloud storage apps, and 17 collaboration apps. This overlap can lead to security issues, such as misconfigurations, policy drift, and inconsistent access policies.