Upload
luke-farrell
View
180
Download
8
Embed Size (px)
Citation preview
When an employee receives or shares a file through a high-risk platform, are they committing a heinous security crime or
just doing their job?
The Box strategy for addressing Shadow IT in the Enterprise doesn’t place the blame on employees.
How big is the file sharing universe?
The average company uses 49 file sharing services.
An increase of 104% since 2014 1
File sharing accounts for 39% of corporate data uploaded to the cloud 2
1, 2 Skyhigh, Cloud Adoption Risk Report, Q1 2015
Is your confidential data protected?
22% of all files in the cloud contain confidential data 4
37% of employees have uploaded at least one file containing confidential data 5
4, 5 Skyhigh, The Definitive Guide to Cloud Security
Most file sharing services aren’t equipped to encrypt confidential data
Only 26% have 256-bit encryption or higher 7
Only 40% encrypt data at rest 6
Less than 1% offer customer managed encryption keys 8
6-8 Skyhigh Cloud Adoption Risk Report
39% have identity federation 10
21% offer multi-factor authentication 9
Many services lack adequate identity and authorization controls…
Only 50% provide granular access controls 11
24% include IP filtering support 12
9-12 Skyhigh Cloud Adoption Risk Report
… Or proper transparency and threat mitigation
Less than 44% conduct pen-testing 14
Only 1% have malware protection 15
59% have user activity logging 16
29% have app security measures (CSRF, SQLi,
XSS) 17
14-17 Skyhigh Cloud Adoption Risk Report
Four steps you can take to address Shadow IT
AssessIdentify your high-risk services, using network and expense audits
AnalyzeCreate a security checklist to identify secure tools and services
SecureSelect tools that meet those requirements, and train employees to use them
ImproveDesign a strategy for reviewing new applications and risks
Next, manage Shadow IT. Learn what you need to make a file sharing service truly
secure:
Secure File Sharing Basics eBook