On Thursday, Netskope released a report analyzing risky app usage in enterprise environments.
On Thursday, Netskope released a report analyzing risky app usage in enterprise environments.

Eight percent of files residing in enterprise-approved cloud storage apps “constitute a DLP [data loss prevention] violation,” according to a new report highlighting the incidence in which corporate-sanctioned cloud storage apps present data loss concerns to enterprises.

Netskope's Q4 cloud report (PDF), released Thursday and which is based on findings from millions of users on its platform, also tracked overall cloud app usage, and noted that the most-used enterprise cloud apps fell in the cloud storage and social media category. Storage app Google Drive, for instance, was the top-used app among enterprises that quarter, while the Facebook app ranked second.

Netskope also broke down the top activities that resulted in policy violations for enterprises.

For cloud storage apps, users downloading, uploading and logging in presented the most policy violations, the report said. Users on social media apps, however, most often strayed from security guidelines when logging in to accounts or posting content.

While eight percent of files in corporate-sanctioned cloud storage apps were found in violation of DLP policies, Netskope also named other app categories accounting for a high volume of procedural breach. Among them were customer relationship management (CRM) and sales force automation (SFA) apps and webmail apps.

In a Wednesday interview with SCMagazine.com, Netskope CEO Sanjay Beri said that, in addition to seeing files in approved apps in violation of DLP policies, the firm often found data files in cloud storage apps being shared with individuals outside of the organization.

“It's a lethal combo,” Beri said. “Sensitive data being stored in the cloud, then that data being shared with people outside of your company.”

The report revealed that 25 percent of all files in cloud storage apps were shared with one or more people outside of the enterprise.