Findings show file security violations within organizations have spiked 134 percent
BetterCloud, the leading SaaS Management Platform (SMP) for discovering, managing and securing the growing stack of SaaS applications in the digital workplace, today released “Data Security Report 2021: Top Risks in File Security.” BetterCloud surveyed more than 500 IT and security professionals—and examined internal BetterCloud data from thousands of organizations and users—to understand their top challenges, priorities, and the magnitude of data loss and sensitive information leaks.
“Last year, remote work became widespread, speeding digital transformation and SaaS adoption. With it came more collaboration, file sharing and an overall boost in productivity—which employees and businesses have embraced,” said David Politis, CEO, BetterCloud. “But it’s also brought about a host of new SaaS file security requirements and challenges due to the surge in remote access to networks and business data. Our findings clearly show this is a growing concern, but they also show companies aren’t investing enough in SaaS file security—thus increasing the risk for potential incidents, whether intentional or unintentional.”
Among the key findings on SaaS file security:
- Lack of visibility into SaaS data plagues IT: Nearly half of organizations say their top security concern is not knowing where sensitive data lives.
- Well-meaning but negligent users are the biggest data loss risk: More than 70 percent of organizations say the biggest data loss risk is the well-meaning but negligent employee.
- IT doesn’t trust users with company data: Only 35 percent of respondents trust end users to responsibly share and store company data.
- Securing user actions within SaaS apps is hard: Nearly half of respondents say they have difficulty securing users’ activities within SaaS apps.
- SaaS file security violations are out of control: This year, as the world reopened for business, file security violations have spiked 134 percent, and the types of violations are rampant throughout the organization.
- Organizations don’t invest enough in SaaS file security: Less than half say they invest enough.
- Too few organizations invest in the technology best able to improve SaaS file security: When organizations do invest, about 64 percent invest in Security Information and Event Management (SIEM) tools, 40 percent in Cloud Access Security Brokers (CASBs), and 37 percent in SaaS management platforms (SMPs).
- Organizations are rapidly adopting SMPs to solve SaaS file security challenges: 55 percent of organizations plan to use SMPs within the next 12 months.
For the report, BetterCloud surveyed more than 500 organizations with at least 200 users from a range of industries and sizes. The sample also includes responses from both IT and security professionals. In addition, BetterCloud analyzed file security violations across its user base. This analysis includes data from nearly 2,000 organizations with more than 200 users covering millions of users and files across hundreds of SaaS apps. The data comes from BetterCloud’s automated scanning with 90+ pre-built data identifiers to find the most common sensitive data types for 25+ different countries, such as personally identifiable information (PII), words and phrases that violate HIPAA compliance, profanity, and financial information.