The NCAA’s March Madness is upon us, and basketball fans everywhere are filling out their brackets and placing bets on which teams will rise and which will fall. These teams are made up of talented individuals who work hard towards perfecting their craft, backed by coaches who mentor them to greatness. Like these coaches, organizations play a big role in coaching their staff to behave in ways that benefit the organization as a whole.

Just-in-time coaching proves effective

Skyhigh found that just-in-time coaching of user behavior delivers significant results. For example, when organizations display a coaching message to user when s/he attempts to access a high-risk cloud service, they saw a 65% decrease in the use of high-risk cloud apps on average. They also enjoyed a 97% overall reduction of in data sent to high-risk file sharing services, This represents a significant reduction in security and compliance risk given that  22% of files sent to file sharing services contain sensitive data.

Sensitive data in the cloud blog

DLP concerns outside of file sharing

Our research also found that, beyond file sharing, 4% of the fields in CRM applications contain a wide range of PII pertaining to an individual including but not nearly limited to: social security number, policy number, driver’s license number, and date of birth (age). Organizations will want to take a closer look at their or other CRM instance to understand the implications for security and compliance.

Most common responses to DLP violations

For companies who have extended their DLP policies to the cloud, Skyhigh analyzed actions trigged by policy violations and uncovered the remediation actions that occurred most often:

  •  60% – email alert to the violator/end-user
  • 31% – quarantine or tombstone a file
  • 26% – modify permissions to restrict sharing with external users
  • 13% – encrypt the data

The data shows that, just as organization can coach users on appropriate services to use, they can also coach users when it comes to uploading appropriate content to cloud services.  We also see that today’s organizations more frequently take the coaching approach in response to DLP violations.  Educating users is an effective way to reduce the risk associated with using cloud apps, particularly file sharing services.

Want more?

To see more data on how the cloud is used by enterprises and their employees today, download our latest Cloud Adoption and Risk report below.

Cloud Adoption and Risk Report Q4 2014

Based on data from over 15 million users, the definitive resource on cloud usage trends and risks.

Download Now