The average company in Europe is running 987 cloud services, with the vast majority coming under the heading of shadow IT.
So says director of EMEA marketing at Skyhigh Networks, Nigel Hawthorn, after presenting the results of a survey carried out by his company today.
Speaking at Computing’s Enterprise Security and Risk Management 2015 conference, Hawthorn asserted that “the number[s] of sanctioned IT is enormously outweighed by shadow IT”.
“For these, the first thing you need to do is ask ‘What’s going on?’,” he said.
Describing the survey, Hawthorn said: “It’s not asking people for their opinion, it’s finding out how much traffic is coming at [companies] from around Europe over six-month periods.”
Hawthorn said the cloud services being installed by end users are “not consumer – these are corporate”, but many continue sending and receiving data over the weekend outside office hours.
“How are you managing your risks 24/7?” he asked delegates.
Hawthorn explained that the removal of Safe Harbour meant 17.2 per cent of the cloud services of European companies that Skyhigh surveyed back in June 2015 had now been axed.
Sixty-seven percent of cloud services in the world “should not hold EU data” either, he added, because they cannot guarantee data protection.
Hawthorn finished his presentation with some advice for firms looking to store data in the cloud.
“Ask [the provider], do they encrypt data at rest, or in transit? Who owns the intellectual property? Has data been lost before – all sorts of parameters allow you to get an idea, and build your own risk profile. What are users sharing, and who are they sharing it with?”