Netskope: Malware On The Rise In Cloud Apps Blessed By Enterprise IT Departments

Cloud security vendor Netskope released its latest report Thursday assessing Software-as-a-Service usage for the first quarter of 2016, revealing a surge in the amount of malware discovered lacing the cloud-based applications sanctioned by enterprise IT departments.

The Netskope Cloud Report found that, on average, from January through March, 11 percent of its customers discovered malicious software in apps approved for business use. And more than a quarter of those tainted files were shared with other users -- or with the public -- according to the report.

In its previous study looking at the three months closing out 2015, Netskope reported that 4.1 percent of enterprises had "e-discovered" malware in their sanctioned apps.

[Related: Netskope Closes $75M Funding Round As Unchecked Cloud Software Lurks In The Workplace]

At the same time, Netskope calculates that the vast majority of cloud-based applications deployed in the workplace -- more than 95 percent -- were not provisioned from central IT, which makes it stand to reason that both the 4 percent and 11 percent figures were low.

SaaS has "emerged as one of the most significant threat vectors for malware," Netskope Chief Managing Officer Jamie Barnett told CRN. "The vast majority of cloud apps aren't formally sanctioned by IT, nor is IT even aware of them in many cases, and we're going to continue to see this number go up in the short term as businesses evolve their security strategies to better detect and control their cloud app ecosystems."

The report compiled data on app usage from hundreds of global accounts using the Netskope Active Platform, constituting millions of anonymized users.

Netskope told CRN it's hard to definitively explain the almost-tripled instances of detected malware in consecutive quarters, or attribute the surge to detection methods instead of an actual greater prevalence of malware, because the data sets used in both studies were consistent.

But the security vendor told CRN it will soon incorporate scans of both sanctioned and unsanctioned apps to obtain a more accurate overall figure.

The latest report documents growth in overall adoption of cloud applications, though not nearly as fast as malware discovery.

Last quarter, Netskope concluded enterprises were using, on average, 917 cloud applications. That number slightly rose to 935 apps in the first quarter.

Microsoft Office 365 business productivity apps led the way in terms of adoption, with Outlook.com and OneDrive for Business in the No. 2 and 3 usage rankings among enterprises, and SharePoint, Yammer and Lync making the top 20.

Gmail and Google Drive were sixth and seventh in overall enterprise adoption, as tracked by Netskope.

Facebook, once again, was the leading SaaS application used in the enterprise.

Netskope's report noted that the cloud-based apps that are the worst offenders for Data Loss Prevention involve storage functionality -- representing three-fourths of all apps found to compromise data.

The report also found that most apps aren’t ready to comply with the upcoming European Union General Data Protection Regulation, which mandates enterprises ensure proper geographic bounds, and security and privacy controls for their data in the cloud. The law requires those users to sign data processing agreements with cloud service vendors.

"Our early findings indicate that 75.4 percent of all cloud apps are not ready for the GDPR, meaning they lack proper geography, security, and privacy controls as well as industry certifications to be considered ready to comply with the requirements of GDPR," the report stated. "When assessing cloud apps, enterprises will increasingly have to do the due diligence on cloud apps in use by employees and compensate for the lack of native controls."

Common vulnerabilities in enterprises apps, according to Netskope, included JavaScript exploits and droppers, macros, backdoors, mobile malware, spy- and adware, and Mac malware.