Saturday, 16th January 2021

Personal use of managed devices increases by almost 100%

Netskope Cloud and Threat Report reveals massive shift in user behaviour and increased risk as personal use of managed devices becomes ubiquitous.

Netskope has released the August 2020 Netskope Cloud and Threat Report, which analyses the most interesting trends on enterprise cloud service and app use, web and cloud-enabled threats, and cloud data migrations and transfers. Based on anonymised data from millions of global users, the report found there was a 148% rise in remote workers due to the COVID-19 pandemic - which resulted in a 161% increase in visits to high-risk apps and websites, as personal use of managed devices increased by 97%.

“The abrupt shift to remote work in 2020 sent a shockwave through organisations, as people found work and personal lives blended unlike ever before,” said Ray Canzanese, threat research director at Netskope. “While many companies rose to the challenge to embrace cloud-based collaboration tools, we also found increased risk as employees used work devices for personal reasons. Organisations must tackle this problem head-on by prioritising threat protection and ensuring safe cloud and web access through methods like strong authentication and access controls, data and threat protection, as well as zero-trust network access to private apps in data centres and public cloud services. Enacting measures like this will reduce exposure of apps, cloud-enabled threats, unintentional data movement, and limit network lateral movement.”

Key Findings

Based on anonymised data collected from the Netskope Security Cloud platform across millions of users from January 1, 2020 through June 30, 2020, key findings of the report include:

The COVID-19 pandemic accelerated remote work by more than doubling the number of people working outside the office, as 64% of workers are now remote. Along with this increase in remote work came an 80% increase in the use of collaboration apps as remote workers seek to remain connected with their colleagues, and the total number of cloud apps being used in the average enterprise increased to over 7,000 in the largest enterprises.

Personal use of devices increased by 97% and use of risky apps and websites increased by 161%. As employees become more accustomed to remote work, the lines are blurred between business and personal use, as employees are much more likely to use their devices for personal reasons and engage in risky activities. Notably, Netskope Threat Labs found that there is a 600% increase in the amount of traffic to websites hosting adult content, and that 7% of all users uploaded sensitive corporate data to personal instances of cloud apps—putting this data at risk of inappropriate use and theft. The top 3 most common types of sensitive data being uploaded to personal instances are:

  1. General Data Protection Regulation (GDPR), including:
    1. Including Protected Health Information (PHI) &
    2. Personally Identifiable Information (PII)
  1. Source Code
  2. Company Confidential Information

Cybercriminals’ adoption of the cloud as an attack vector continues to grow, with cloud phishing and cloud malware delivery uncovered as the two most common techniques. In 2020, 63% of malware was delivered over cloud applications - a four-point increase from the end of 2019. The top cloud apps and services from which Netskope blocked malware downloads were:

  1. Microsoft Office 365 OneDrive for Business
  2. Sharepoint
  3. Box
  4. Google Drive
  5. Amazon S3
Acquisition expands LogRhythm’s reach in the threat detection space and accelerates XDR market entry...
83% of survey respondents report the rise in remote workers increases the risk of a security inciden...
F5 raises revenue outlook, reiterates Horizon 2 non-GAAP operating and EPS targets, and reaffirms co...
Kaspersky and Alias Robotics have partnered to boost cyber-protection for robots that are used in op...
As we approach a year of what has now become out-of-office working, cybersecurity continues to be to...
Check Point Research (CPR) report a 45% increase in cyber-attacks on healthcare organizations worldw...
New solutions streamlines security and configuration policy into unified authorisation and authentic...
A new remote workforce study from CyberArk has found that the majority of UK employees feel more pro...