Occasionally, there are moments when the world cleaves into “before” and “after.” Every so often, lightning strikes and it’s clear from one second to the next that big change has come.
That’s certainly the way the world feels since March 2020.
Although we had been working toward and talking about a world in which our work lives and home lives blend seamlessly for at least a decade now, the sudden lurch forward into a digital space still felt like a bit of a shock. And we’re finding that the key to making it work — to striking a new balance — is in how we both make the best use of cloud-based applications and services (also known as software-as-a-service [SaaS]), and maintain an acceptable level of cloud application security.
We are wrestling with new questions and challenges and boundaries. When it comes to using cloud apps, where does work stop and personal use begin? Is streaming a little music while working on a project a misuse of company resources? Are we opening ourselves up to unacceptable security risks using unapproved remote desktop, social media, or storage tools?
Cisco Umbrella published a study today of top trends in cloud applications — their current usage, the risks and the opportunities, and what we can do to move forward with cloud applications in a secure and productive way. This report features data collected from November 2020 through March 2021 and drawn from Cisco Umbrella’s DNS resolution and cloud application discovery capabilities. The data is from paying Umbrella customers and has been de-identified, aggregated into categories, and anonymized.
Upon analysis, a few key points emerged.
Key cloud application security insights
Cloud apps are on the rise
Internet traffic from cloud-based applications grew 33% in 2020. Tracking along with that, Cisco Umbrella’s application discovery service experienced 20% growth in the number of applications controllable by our service — i.e., apps we can see, assess the security risk of, and block if necessary.
Businesses block what they don’t use
The cloud apps that get blocked by your employer greatly depend on the office productivity applications your team primarily uses. For instance, Microsoft Office 365 generates 18X more internet traffic than its next closest competitor — Google. So, if your business is Team Microsoft, you may find Google apps are more frequently blocked in your organization.
Shadow IT still limits visibility
The move to remote work and an increase in bring-your-own-device (BYOD) policies are making it more difficult for IT teams to maintain security over cloud apps, particularly in areas like DIY tech support and streaming media players.
We’re embracing more social, more media
As work-from-home (WFH) practices continue, our work and personal lives blur together, leading to a significant rise in the use of social and media applications on the job.
Data loss is a significant risk with cloud storage
As users continue to embrace cloud storage services unapproved by IT, data protection remains a major issue, leading to a considerable number of blocked queries to those services. So which services did customers of our application discovery service block the most? Apple iCloud and Dropbox are blocked at 20X and 16X the rate of other cloud storage providers.
As we’ve made the leap from centralized, controlled, on-premise applications to the wider world of cloud-based SaaS services, whole new avenues and opportunities have opened up for the modern workplace.
In this new world, we can’t continue doing business the same old ways. We need new perspectives informing new policies, equipped with new capabilities to help us keep on top of cloud application security. The visibility to see and understand these apps and the risks they pose becomes of paramount importance. Equally, we need the intelligence to inform us of the latest threats. This is what Cisco Umbrella was built for – solving new security challenges with strong, simple-to-execute, and easy-to-scale cloud-based DNS-layer protection that includes applications discovery, secure web gateway, and firewall capabilities. Get the report on 2021 Cloud Application Security today.