Sanctioned Cloud Apps Can Contain Malware, Too: Report
With the rise of BYOD, enterprises have had to provide sanctioned cloud apps that offer the necessary functionality while ensuring the required security. However, it seems that even some of these sanctioned apps can be laced with malware.
According to a new report by Netskope, released this week, since the previous cloud report, released in Q4 2015, the percentage of enterprises that have sanctioned apps containing malware has grown from 4.1 percent to 11 percent. The majority of these detections (73.5 percent) were categorized as severe.
The majority of malware detected were JavaScript exploits and droppers (63.3 percent), which are used in ransomware attacks, Microsoft Office macros (21.3 percent), backdoors (4.9 percent) and mobile malware (4.3 percent).
According to the report, in Q1 2016 employees used an average of 935 cloud apps.
Microsoft apps are among the most used in the enterprise, claiming seven of the top 20 apps used. Microsoft services such as OneDrive and Outlook.com, and OneDrive for Business ranked among the top apps used by enterprises.
The report also looked at the readiness of cloud apps to comply with the EU’s General Data Protection Regulation, whose full implementation is less than two years away. According to Netskope, 75 percent of the more than 22,000 apps tracked in the report fail to comply with the regulation’s data privacy mandate. Failure to comply puts enterprises at risk of paying steep fines.
“The shift to the cloud presents an increasing complexity and volume of security challenges for enterprises, including regulations like the EU GDPR,” Sanjay Beri, CEO and founder of Netskope said in a statemnent.”With the deadline for compliance looming, complete visibility into and real-time control over app usage and activity in a centralized, consistent way that works across all apps is paramount for organizations to understand how they use and protect their customers’ personal data.”