Fully 95 percent of cloud services in use in the average enterprise aren’t enterprise-ready, according to the January 2017 Netskope Cloud Report.
Specifically, 82 percent of cloud services don’t encrypt data at rest, 66 percent don’t specify in their terms of service that the customer owns the data, and 42 percent don’t allow admins to enforce password controls.
An average of 1,031 cloud services are now in use per enterprise, up from 977 in the previous quarter.
The retail, restaurants and hospitality industry has the highest number of cloud services in use (1,193), followed by financial services, banking and insurance (1,132).
Half of users of sanctioned cloud storage services, the report states, also have a personal instance of the same cloud service.
“Until very recently, organizations had to take an all-or-nothing approach to allowing cloud services,” Netskope CEO and founder Sanjay Beri said in a statement. “If they sanctioned a cloud storage service for corporate use, they also needed to accept any additional personal instances of that cloud storage service or block the service entirely.”
Separately, a recent Bitglass survey of more than 100 IT executives at the Gartner Symposium/ITxpo found that one in three organizations are now cloud only or cloud first.
Eighty-two percent of respondents to the Bitglass survey have at least two cloud apps deployed, and more than half have more than four sanctioned cloud apps deployed.
“Cloud and mobile are driving business data beyond the firewall, introducing new security and compliance risks,” Bitglass CEO Nat Kausik said in a statement.
And a recent BMC survey of more than 300 C-level executives in North America and Europe found that 69 percent of respondents said digital transformation is forcing fundamental changes to their existing cyber security strategies.
Fully 65 percent of respondents said public clouds are creating the biggest security challenges for their IT and security teams.
“Make no mistake, cyber security is a critical initiative across the board,” BMC president of security and compliance Bill Berutti said in a statement. “Every company, government and society is seeking new innovative paths to drive our digital future, but all are battling increased threats from phishing, ransomware, and known vulnerabilities.”
Eighty-two percent of executives plan to invest more in security in the coming year, and 68 percent plan to enhance incident response capabilities in the next 12 months.