How clouded is your IT security? Research shows cloud adoption has its risks
Blue Coat Systems, Inc. a leading provider of advanced web security solutions for global enterprises and governments, today revealed the initial results from an online study conducted by YouGov of 3,130 workers in various industries across Britain, Germany and France.
The research offers a detailed look at how workers use cloud applications such as Dropbox, Box, Office 365, Slack, LinkedIn, Facebook and Gmail today safely, and otherwise.
Workers across Europe are leaving businesses vulnerable to the leaking and misuse of sensitive data on a scale most organisations might not yet appreciate. Results show 53 percent of European workers surveyed are using cloud applications at work. France has the highest level of cloud usage (64 percent), higher than both Great Britain (49 percent) and Germany (47 percent).
As cloud technology continues to power European businesses, often the cloud applications being used are not sanctioned by IT departments. This leaves sensitive work information exposed to improper use by employees unwittingly, or deliberately, sharing and storing data outside of protected work applications. The research highlights the main risks modern organisations face in the cloud, such as data falling outside of corporate control, known as ‘shadow data’. Key findings include:
Efficiency drives cloud application usage at work
Collaboration is the biggest reason data is shared with 23 percent of respondents using cloud applications to send information to colleagues. Efficiency is cited by 17 percent of respondents who use cloud applications for remote working and 10 percent use when travelling abroad. Millennials lead the way when it comes to sharing data on cloud applications: 30 percent of 18-24 year olds and 25 percent of 25-34 year olds share data with their colleagues, compared to 18 percent of 45-54 year olds and 21 percent aged 55+.
Critical job roles pose the biggest IT Security risk
IT (76 percent), HR (69 percent) and Financial (59 percent) professionals use cloud applications the most at work, potentially exposing the most sensitive and most valuable business data to lower security levels.
Marketing and customer data most exposed
Two areas targeted by the upcoming GDPR legislation, sales records and customer databases, are particularly at risk as cloud applications are regularly used to exchange databases and content. Of those who use cloud applications to share confidential work information, marketing data (29 percent) is the most likely to be shared or saved using these applications, followed by customer data (23 percent), IT data (20 percent), and financial data (17 percent).
Employees even risk breaking the law
Many of those polled who use cloud applications at work admitted to using them for unsanctioned use, such as taking corporate data before starting a new job, whistleblowing or even for personal protection. Stealing corporate data from your company before taking on a new job is illegal and yet seven percent of those polled admit to using cloud applications to do just that. Whilst not illegal, whistleblowing (where workers pass on information concerning wrongdoing) is the reason behind eight percent of cloud data use. Results also indicate that HR professionals (17 percent) are the most likely to use cloud applications for whistleblowing. Personal protection (where individuals take corporate data to keep personal information secure) was cited by 14 percent of those polled as a way of using cloud applications at work to share confidential work information. HR (21 percent), IT (18 percent) and Finance (17 percent) professionals appear to be more likely to use cloud applications for personal protection than other job roles, which presents a serious risk to businesses in view of the sensitive nature of the data handled by these particular professions.
Age is a major factor in cloud usage
The younger the employee, the more cloud applications they use: 63 percent of 18-24 year olds polled use cloud applications at work compared to 59 percent of 25-34 year olds, 55 percent of 35-44 year olds, 48 percent of 45-54 year olds and 47 percent of 55 and overs. Whilst typically more tech savvy, younger people could also be less likely to take security measures.
“This research highlights the behavioural traits of employees using cloud applications at work and the risks they expose their employers to through their behaviour,” commented Dr. Hugh Thompson, chief technology officer and SVP, Blue Coat Systems, Inc. “Most significantly, the job areas that manage the most critical data, such as IT, financial and HR, use cloud applications the most. This sensitive data is often the jewels that hackers are after and want to exploit most. Shadow data, outside of corporate IT controls, clearly remains a major challenge for organisations and data shared on unsanctioned applications requires a proactive approach to ensure employee access is within the parameters of safe usage.”