“We haven’t got or don’t know if our organisation has a cloud usage policy”, say 84% of British office workers
1 in 5 cloud users admit uploading sensitive company information to file sharing and personal cloud storage applications
24th February 2015 – The majority of British office workers don’t know if their organisation has a cloud usage policy, according to new research from Trustmarque. More than half (56%) of office workers stated their organisation didn’t have a cloud usage policy, while a further 28% didn’t even know if one was in operation. Of those office workers who were aware of their organisation having a cloud usage policy, nearly half (48%) said they had ignored it because it had restricted them from doing their job effectively. Worryingly, 1 in 5 cloud users admitted to uploading sensitive company information to file sharing or personal cloud storage applications; a further 28% of people stated they had used personal email and cloud storage applications to save/access data from their previous job.
“Many IT departments continue to be stuck between a rock and a hard place when it comes to managing cloud applications across the business. As the research shows, this has led to a considerable lack of clarity when it comes to implementing and enforcing cloud usage policies,” said James Butler, Cloud Services Director at Trustmarque. “A significant number of employees continue to steal or place sensitive company data in danger, as a result of using unsanctioned cloud applications. For IT departments, the ongoing challenge is maintaining an IT environment that supports employees’ changing working practices, but at the same time is highly secure. A blanket approach towards blocking unsanctioned applications can often be unrealistic. Therefore, IT departments need to be able to address Shadow IT in a strategic and proactive manner – this means empowering employees to use their favourite cloud applications while protecting the organisation from data loss and network threats.”
The survey highlighted that nearly 1 in 2 office workers (46%) had used cloud applications at work, with 40% of cloud users admitting they had used cloud applications that hadn’t been sanctioned or provided by IT. Indeed, a significant number (27%) of cloud users said they had used cloud services and applications to get around the restrictions of corporate IT. For example, email attachment limits and limited data storage that force users to use file sharing and personal cloud storage applications.
“The growth of cloud applications usage shows no sign of slowing down, meaning that security and compliance concerns will continue to grow. IT departments need to be able to analyse the activities that pose the greatest risk (e.g. sharing data outside the company) and block them specifically to mitigate risk. To do this, real-time visibility into how every cloud application is being used is essential. Only then can organisations enforce smart usage policies and foster safe cloud application practices, and with the latest cloud management and analytics tools, it is now possible to achieve this,” added Butler.
The research then went on to highlight the need for organisations to better consolidate and standardise cloud applications across their business, at a time when employees continue to contribute to cloud sprawl. When asked, more than quarter of cloud users (27%), said they had downloaded cloud applications that they no longer use.
“Organisations should empower their users by considering cloud-enabled self-service, single sign-on and identity lifecycle management to simplify adoption and reduce risk. The shift in how IT is being consumed by users requires a similar shift in the mindset of IT departments, from being the builder of IT systems to becoming a broker of cloud services. Aligning policy and data classification with a hybrid cloud architecture will let organisations keep their users happy, while at the same time ensuring risk is minimised by using the right cloud for each workload,” concluded Butler.
The omnibus survey of 2,016 G.B. working adults aged 16-64, was commissioned by Trustmarque and conducted by independent research company TNS.