By Ericka Chickowski 1

The volume and diversity of cloud services in use by companies continues to rise significantly year-over-year. And, according to a report out yesterday by Skyhigh Networks, the good news is that security capabilities have also matured as deployments have grown. Increasingly more services are offering better encryption, multi-factor authentication and ISO 27001 certification proving their in-house security practices. Nevertheless end user organizations are still struggling with data governance and access control in the cloud.

The Cloud Adoption & Risk (CAR) Report showed that from fourth quarter 2013 to fourth quarter 2014, the average number of cloud services in use within the enterprises increased by 43 percent to 897 services, which includes both sanctioned and shadow IT applications.  Among these cloud services, the fastest growing categories were development-related and collaboration services.

As more organizations lean on these services, they’re finding cloud service providers increasingly investing in security features. Based on cloud services usage for an aggregate pool of 15 million end users, Skyhigh showed that in 2014 the number of services encrypting data at rest  and offering multi-factor authentication more than doubled and the number that were ISO 27001-certified increased nearly three-fold. Still, though, of the more than 8500 services cataloged by Skyhigh, just 9 percent were cloud-ready. For example, 89 percent of services still don’t encrypt data at rest.

Click here for Talkin’ Cloud’s Top 100 CSP list

More concerning are organization’s data governance and access control when leveraging cloud services. Currently, more than a third of users upload sensitive data to file-sharing services and 9 percent of documents shared externally contain sensitive personal or payment information. What’s more, 92 percent of companies have users with compromised cloud accounts and 12 percent of users today have at least one account that has been compromised.

With security features within cloud services so inconsistent and client organizations still failing to find ways to secure data within even the most secure services, there’s a huge opportunity for channel providers to add value to cloud acquisition and deployment. Those VARs, MSPs and brokerage services able to help clients select the most secure offerings and develop and enforce data governance policies stand to not only maintain relevance in the shift to the cloud, but also develop new, sustainable revenue streams.