File-sharing apps like Dropbox, Google Drive, and Box are popular. Chances are you use at least one of them at work. In fact, Skyhigh’s recent Cloud Adoption & Risk Report found that the average employee uses 3 file-sharing apps at work. If you work in IT, file-sharing apps are also the most frequently requested category of cloud app from end users according to a recent Cloud Security Alliance survey.
The average company now uses a mind-boggling 45 file-sharing services today, which may actually impede collaboration, and the security controls of these services vary widely. We tracked usage data for the top file sharing services, and over the last year Dropbox and Google Drive remained the top services in terms of real usage. The use of enterprise-ready Box has increased while the popularity of Yandex.Disk ,which does not encrypt data at rest, has declined relative to others. Citrix ShareFile has risen from 8th to 5th in the last two quarters.
Many of these cloud services offer more than just file syncing across devices; they’re platforms for collaborating with other people. No matter how secure a cloud provider is, end users can always use their service in risky ways. Naturally, users share files with other people at their companies, but one concern we increasingly hear is that files are often shared via public links, which can be used by anyone without restriction.
Analyzing sharing data in corporate-sanctioned file sharing and collaboration services, we found that 11% of all documents were shared outside the company. The majority of these external collaborators turned out to be business partners, but 18% of external collaboration requests went to third party email addresses such as Gmail, Hotmail, and Yahoo! Mail.
This could raise some red flags given the sensitive information users upload to file-sharing services. We cross-referenced our analysis of sensitive and confidential data in the cloud with sharing activity and found that a small, but significant 9% of files shared externally contained sensitive or confidential information, putting these companies at risk. This problem is not isolated to a few employees. We found that 22% of employees upload sensitive data to file sharing services.
For more information on the state of cloud adoption today and its risks, download the complete Cloud Adoption & Risk Report Q4 2014 below.