Cloud continues to be a major talking point for companies of all shapes and sizes. Employees are increasingly demanding the flexibility to work from anywhere, anytime and with the cloud applications they prefer to use. But how employees use cloud can often put a company’s data security at risk. We recently commissioned some research to illuminate the issues around how employees’ uses cloud applications and services, highlighting some worrying statistics about cloud safety awareness.
More than half (56%) of office workers stated their organisation didn’t have a cloud usage policy and a further 28% didn’t even know if one was in operation. This lack of knowledge from workers presents a real danger for enterprises because, despite being business-critical in nature, many cloud applications are often not enterprise-ready and pose a potential IT security risk.
The research also went on to highlight:
- 1 in 5 cloud users admitted to uploading sensitive company information to file sharing or personal cloud storage applications
- 28% of people stated they had used personal email and cloud storage applications to save/access data from their previous job
- Of those office workers who were aware of their organisation having a cloud usage policy, 48% said they had ignored it because it had restricted them from doing their job effectivelty
- 27% of cloud users said they had downloaded cloud applications that they no longer use.
In order to be able to respond effectively to the growth of cloud applications and the risk to the business, IT departments must be able to analyse the activities that pose the greatest risk (e.g. sharing data outside the company) and block them specifically. This requires real-time visibility into how every cloud application is being used. Without that, organisations will not be able to foster safe cloud usage practices for employees.
Organisations should respond to business cloud usage by empowering their users and allowing them to use the apps they want to use, but with a wary eye on security. By considering cloud-enabled self-service, single sign-on and identity lifecycle management approached, risk will be reduced and adoption simplified. If policy and data classification are aligned with a hybrid cloud architecture, organisations can keep their users happy, while at the same time ensuring risk is minimised by using the right cloud for each workload.