Back in 2011, entrepreneur and investor Marc Andreessen wrote about how software impacts nearly all areas of modern life. The principal platform for software applications today is not a hard drive; it’s a web browser. Software delivered over the Internet, referred to as the cloud, is not just changing how people listen to music, rent movies, and share photos. It’s also transforming how businesses operate. Studies have shown that businesses taking advantage of productivity-enhancing cloud services grow 19.6% faster than their counterparts that don’t.
Similar to previous shifts in technology, such as the rise of the PC and the Internet, the cloud creates new and significant concerns among business leaders about the potential for headline-making security incidents. Because employees often bring their own apps to work, companies typically don’t know which ones are being used to store corporate data. Even within the cloud services purchased by a company’s IT department, there is limited visibility into user behavior and how sensitive information is accessed and shared.
To better understand these trends, Skyhigh Networks publishes a Cloud Adoption & Risk Report, the first and most comprehensive report of its kind. What makes our report unique is that we base our findings on actual usage data for over 30 million users worldwide, substantially more than any other similar study.
Broken down by industry, there are clear trends in both the variety of cloud services used by organizations and users as well as the volume of data uploaded each month. Technology companies use a wider variety of cloud services than any other industry, with the average company using 2,033 distinct cloud services. That’s followed by manufacturing (1,837 services), and business services (1,771 services). Government agencies use the fewest cloud services, on average, at just 944 per agency.
Enterprises are moving an increasing number of home-grown cloud services they had previously deployed in their data centers and private clouds to the public cloud. As an early pioneer in infrastructure as a service (IaaS), Amazon maintains the highest market share. However, in the past two years, Microsoft Azure has rapidly emerged as a major player in the public cloud infrastructure market.
Comparing the services that are not allowed based on an enterprise cloud governance policy and actual block rates, we found there can be a wide gap between what IT thinks it’s blocking and actual blocking rates. There are three primary causes for this gap: cloud services regularly introduce new URLs and IP addresses that are not blocked by firewalls and web proxies, access policies are not standardized across global egress infrastructure, and organizations fall victim to exception sprawl.
Beyond usage, one way to look at the cloud services that are most endorsed for enterprise use is by looking at the governance policies companies implement. By analyzing the cloud services that are most frequently sanctioned and considered “approved” according to enterprises, we identified the cloud services that have been embraced by corporate IT departments.
We also looked at cloud services that have the highest percentage of enterprises that categorize them as prohibited for corporate use. Three of the top ten are PDF converters and another service resizes images. Two are BitTorrent services, which are frequently used to share pirated movies, music, and software.
In Q3, 71.3% of the cloud services in use by the average company were enterprise cloud services and these services accounted for 71.6% of data employees uploaded to the cloud at work. Microsoft delivers 5 of the top 20 services. From a security standpoint, the top 20 enterprise cloud services are significantly more likely to have enterprise-grade security controls than the average enterprise service (80% vs. 9.3%).
Consumer cloud applications accounted for 28.7% of the cloud services in use in the average workplace and 28.4% of data businesses upload to the cloud. Social media, content sharing and collaboration services dominate the top 20 list. Only one service on the top 20 list delivers enterprise-grade security controls (5%) versus the overall average of 3.4% across all consumer services.
OneDrive emerged as the leading file sharing service this quarter for the first time, displacing Google Drive in enterprise user count. It’s followed by Google Drive, Dropbox, and Box. This quarter, WeTransfer surpassed ShareFile to take the 5th spot on the list and MediaFire joined the top 10 for the first time.
Microsoft Office 365 continues to dominate the list of cloud-based collaboration platforms. Skype overtook Gmail for the second position in the rankings. Collectively, the Office 365 suite maintains a higher active enterprise user count than Google’s G Suite. Slack appears on the top 10 list for the second time, ascending to the 9th position this quarter, displacing Wunderlist.
Facebook, Twitter, and Linkedin still dominate the social media category. Tumblr has continued to drive active users following its acquisition by Yahoo! in 2013. Several services are not based in the United States, including VK (Russia), Sina Weibo and Qzone (China), and XING (Germany).