Even With Company-Approved Cloud Apps, 3.2 Percent of All Files Represent Risky Data Exposures, While 1.34 Percent of All Accounts Have Malicious Usage
　　SAN JOSE, CA--(Marketwired - Jun 9, 2015) - Elastica (www.elastica.net), the leader in Data Science Powered™ Cloud Application Security, today released its Q2 2015 Shadow Data Report, providing a data-science powered analysis of hundreds of millions of enterprise files stored and shared within leading enterprise cloud applications. Highlighted in the report (available here: http://www.elastica.net/q2-2015-shadow-data-report/) are key trends and insights that reveal cloud app usage, the type of sensitive content enterprises share and store in cloud applications, and associated breach risk levels.
　　Healthcare Data Leads in Exposures
　　Based on an evaluation of cloud file usage and exposures by industry, Elastica found that the healthcare industry topped the list of verticals with the most policy violations leading to leaks of sensitive PHI (protected health information) data. This is most likely due to the complex nature of both vendor relationships (doctors, hospitals, clinics, etc.) and customer relationships (patient, employees, contractors, insurance companies, etc.) and the greater economic value associated with black market healthcare records.
　　Average Financial Impact of SaaS Storage Breaches Exceeds $13 Million
　　This year, Elastica developed a practical measure for risk -- the Elastica Total Economic Impact (ETEI) of cloud data exposures for cloud app providers such as Box, Google Drive and others. Based on calculations and data analysis, Elastica concluded that, on average, the direct financial impact to a company due to exposed data in SaaS can be up to $13.85 million.
　　Most Organizations Have Accounts with Malicious Activities
　　Elastica's threshold and behavioral data science analysis showed that 1.34 percent of all accounts had signs of malicious activities, driven by both inside and outside threats such as account hijacking, rogue activities or the malicious destruction of data.
　　A Quarter of Documents Are Broadly Shared
　　Elastica found that 25 percent of the hundreds of millions of data files analyzed in company approved apps were broadly shared, and of those files 12.5 percent contained sensitive or compliance related data, meaning they are at the highest risk of being target for a breach. Furthermore, 9 percent of all files were publicly exposed, meaning anyone on the Internet with a link to the shared content could access it.
　　"Even when companies embrace enterprise-grade cloud apps, there remains a challenge in understanding the sensitive content their users are storing within them, and how that content is being exposed, intentionally or unintentionally. Undetected by traditional security tools, these risky exposures put an enterprise at jeopardy," said Rehan Jalil, CEO of Elastica. "Enterprises need advanced methods of monitoring, detection and prevention applied by data science and machine learning in order to mitigate financial and reputation damage."
　　Additional Resources:
　　·Access the research - http://www.elastica.net/q2-2015-shadow-data-report/
　　·Attend a joint Cloud Security Alliance and Elastica webinar on June 25 at 10 am PDT / 1 pm EDT. Jim Reavis, CEO of the Cloud Security Alliance and Kapil Raina for Elastica will discuss how Shadow IT and Shadow Data are evolving within the cloud app landscape. To register for the webinar, please visit:https://www.elastica.net/shadow-data-report-webcast/
　　·Follow the blog - For added commentary and regular insights, visit our blog:https://www.elastica.net/category/blog/
　　Interact with Elastica:
　　Join Elastica on LinkedIn: https://www.linkedin.com/company/elastica
　　Like Elastica on Facebook: https://www.facebook.com/ElasticaInc
　　Follow Elastica on Twitter: https://twitter.com/elasticainc
　　About Elastica:
　　Elastica is the leader in Data Science Powered™ Cloud Application Security. Its CloudSOC platform empowers companies to confidently leverage cloud applications and services while staying safe, secure and compliant. A range of Elastica Security Apps deployed on the extensible CloudSOCTM platform deliver the full life cycle of cloud application security, including auditing of shadow IT, real-time detection of intrusions and threats, protection against intrusions and compliance violations, and investigation of historical account activity for post-incident analysis. Elastica is venture-backed by the Mayfield Fund, Pelion Ventures, Third Point Ventures and is headquartered in San Jose, CA.
　　Learn more about Elastica at http://www.elastica.net.
　　CONTACT INFORMATION
　　Media Contact for Elastica
　　Vivian Shic
　　Bhava Communications for Elastica
　　[email protected]
　　925-323-9382