Most European cloud services still `at risk’

A survey by Skyhigh Networks shows that European Shadow IT is cloud services that CIOs don’t know about and have therefore not secured

  • 10 years ago Posted in

A new report from Skyhigh Networks has suggested that there is a need for greater employee education about data protection and privacy.

The report ‘Cloud Adoption and Risk Report’ is its first to analyse European usage data to quantify the use of cloud services and the security risk that they pose to enterprises. The results are drawn from more than one million users across more than 40 companies spanning the financial services, healthcare, high technology, manufacturing, media, and professional service industries .

A key finding was that enterprises used an average of 588 cloud services. Even if one were to ignore the EU data residency requirements, only 9 percent of the cloud services in use provide enterprise-grade security capabilities, while the remaining 91 percent pose medium to high security risks to organisations.

From a data privacy and data residency perspective, only 1 percent of the cloud services in use both offer enterprise-grade security capabilities and store data in Europe’s jurisdictional boundaries. The rest either store data in countries where data privacy laws are less stringent or don’t have enterprise-grade security capabilities, or both.

Much of the cloud adoption within European organisations still occurs under the radar of the CIO or CISO – leading to a situation where shadow IT is widespread and uncontrolled.  The ease with which cloud applications can now be consumed by employees means that there is often little consideration for the security implications or impact on wider business policies.

When CIOs examine the use of cloud services across the organisation, they generally find shadow IT is 10 times more prevalent than they initially assumed. 

What is more , only 5 percent of cloud services in Europe are ISO 27001 certified, posing compliance issues for those organisations unaware that their employees are using uncertified services.

“Cloud services certainly enable agile, flexible, and efficient businesses, and employees should be encouraged to use services that best suit their working style and enhance their productivity,” said Rajiv Gupta, CEO Skyhigh Networks.  “However, it is evident from this study that too many employees are still unaware of the risks associated with some cloud services, and could even be jeopardising the overall security position of their organisation. Of the services that we analysed, 72 percent stored data in the US – which could have legal and compliance implications for certain organisations in Europe. The bottom line is that businesses need to get smarter about cloud, and IT needs to develop greater understanding of the cloud services in use and the risk they present, and play a leadership role in educating users and guiding the organisation to securely embrace the cloud.”

New state-of-the-art data centre features Vultr’s first AMD GPU supercompute cluster.
Only a quarter (25%) think their approach to the cloud is carefully considered and successful.
Moving to AWS Cloud will enable The Co-operative Bank to adopt cutting edge IT Infrastructure.
The global airline group will upgrade the value of its data and get its AI & generative AI ready...
Barracuda Networks’s award-winning Email Protection and Cloud Backup security solutions will be...
Leading company in renewables to leverage HPE’s unique turnkey AI infrastructure solution to...
The four-year project extension focuses on cloud transformation and enhanced operational efficiency...
Businesses in the UK are risking slower development as they fail to fully embrace technologies that...