With so much of our data being stored in the cloud, it can be difficult to pinpoint the exact points where data is lost or exposed to malicious users. Recently, cloud application security provider Elastica released its Q2 2015 Shadow Data Report to shed light on how data is being stored and shared among leading cloud applications, and to highlight which areas are the most at risk for theft.

The study, which analyzed hundreds of millions of enterprise files stored and shared within enterprise cloud applications, revealed several interesting figures, including the relative risk of private patient information in the healthcare system.

The healthcare industry ranked number one in a list of verticals with the most policy violations leading to a loss of personal information, due in part because of the complex relationships between customers and vendors, according to the study. Elastica also believes the relative value of personal information on the black market is another driving factor in the prevalence of fraud and theft of healthcare information stored in the cloud.

Elastica also estimated that the cost of exposed data in SaaS can total up to $13.85 million per incident, according to the study. Additionally, about 1.34 percent of all accounts within organizations exhibit signs of malicious activities, meaning enterprise users need to be particularly mindful of protecting sensitive data.

Out of all the hundreds of millions of data files analyzed for the study, Elastica, found that 25 percent were broadly shared, with 12.5 percent of those files containing sensitive or compliance related data. About 9 percent of all files are publicly exposed, putting them at greater risk of being accessed by bad actors, according to the study.  

“Even when companies embrace enterprise-grade cloud apps, there remains a challenge in understanding the sensitive content their users are storing within them, and how that content is being exposed, intentionally or unintentionally,” said Rehan Jalil, CEO of Elastica, in a statement. “Enterprises need advanced methods of monitoring, detection and prevention applied by data science and machine learning in order to mitigate financial and reputation damage.”

While it’s important to note that although Elastica has a vested stake in convincing users to implement more stringent cloud security methods, the information within the study is important because it highlights the fact that even enterprise cloud applications are not 100 percent secure. And even though there will likely never be a completely secure option for storing sensitive information, being aware of potential risks and knowing how to mitigate data loss is a huge factor in protecting your customers, your employees and your businesses from both financial loss and customer dissatisfaction.