SOURCE: Adallom


November 05, 2014 08:00 ET

Adallom 2014 Cloud Usage Risk Report Reveals Security Gaps, Risks in Usage of Enterprise SaaS Applications

Zombie Users, Orphan Files, and Super Admins Among Identified Risks

MENLO PARK, CA--(Marketwired - Nov 5, 2014) - Software as a Service (SaaS) security company Adallom today released its benchmark 2014 Cloud Usage Risk Report, an analysis of more than one million enterprise SaaS user accounts across four dominant SaaS platforms: Salesforce, Box, Google Apps and Microsoft Office 365 between October 2013 and October 2014.

Findings shared in the report dispel many SaaS security assumptions and reaffirm the need for new data governance and risk management in the context of cloud adoption.

  • 11% of SaaS application accounts are "zombies" -- users who have not logged in or used their accounts in the service.
  • More than 5% of files in cloud storage services are orphans (files with no owner); 2% of orphaned files were created by users no longer with the company (a data retention risk for an eDiscovery event).
  • The average company shares its corporate files with 393 external domains, and 5% of an average company's files are accessible by anyone on the internet.
  • Significant portions of authorized SaaS users have full administrative access;
    • 7% in Salesforce (2,000 average);
    • 4% in Google Apps (19,000 average); and,
    • 2% in Box (1,400 average).
  • Nearly 40% of companies have more data stored in Salesforce than any other approved corporate cloud file repository (including Dropbox, Box, Google Drive and Office 365).
  • 80% of companies have at least one former employee whose account credentials have not been disabled.

"As companies continue to realize the enormous cost and productivity gains that come with SaaS adoption, they should concurrently understand and address the inherent risks and take necessary precautions to protect data and brand integrity," said Assaf Rappaport, co-founder and CEO, Adallom. "Accounting for cloud data governance and shared responsibility for security are of paramount importance. Legacy controls like firewalls and mobile device management are ineffective at protecting users when they access SaaS applications from unmanaged devices outside the corporate network."

About Adallom
Founded in 2012 by cyber defense veterans, Adallom is a Software as a Service (SaaS) security pioneer. Adallom evolves the way enterprises secure information in SaaS by monitoring all activity, detecting unauthorized access and protecting users in real time. It is available in a private cloud or a SaaS-based solution. Adallom is backed by top tier VC firms Index Ventures and Sequoia Capital.

Contact Information

  • Contact:
    Mike Spinney
    CHEN PR for Adallom
    Email Contact