Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Saturday, 9 December, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Almost half of NHS Trusts do not monitor cloud app use, Netskope FOI request finds

by The Gurus
September 30, 2016
in Editor's News
Share on FacebookShare on Twitter

Today Netskope, the leader in cloud security, announces the result of a Freedom of Information (FOI) request into cloud app use in the NHS, which found that almost half of Trusts do not monitor cloud app use by employees.
This new data was obtained by a FOI request, issued to 80 of the UK’s Acute NHS Trusts, with 43 organisations responding. Based on those responses, over half of NHS Trusts (53 per cent) believe all unsanctioned cloud apps are completely blocked, yet at the same time fewer than one in five NHS Trusts (19 per cent) confirmed that all cloud app use is monitored.
Taken together, these findings highlight the possibility of risk arising from a belief that all cloud app use has been blocked. Without ongoing monitoring, there is still a risk that sensitive data are being uploaded and/or shared via cloud apps being downloaded and used without IT’s permission.
This suspected lack of visibility into cloud app use was borne out by the other findings from the FOI request. For example, 30 per cent of respondents were unsure how many cloud apps – both sanctioned and unsanctioned – were used by employees. While a further 35 per cent were able to pinpoint a specific number of cloud apps in use, the figures given were extremely low at an average of just 10.4 cloud apps per NHS Trust. This is compared to the 824 cloud apps found on average in organisations across EMEA by the latest Netskope Cloud Report. The low figures given for cloud app use continue to suggest that NHS Trusts have very limited visibility into the cloud apps used by employees and therefore may also have restricted visibility into the data being uploaded/shared through cloud apps.
The findings revealed that this lack of visibility into cloud app use may be creating a certain level of complacency amongst NHS Trusts. Despite just 19 per cent of NHS Trusts monitoring all cloud app use, 35 per cent stated that absolutely no cloud apps were in use. Many Trusts assume staff are not using unsanctioned cloud apps but do not monitor use to guarantee this fact. This unfounded confidence is highlighted further by the fact that 75 per cent of the NHS Trusts that did not know whether they monitor cloud app use also stated that absolutely no cloud apps are in use.
Highlighting the potential threats posed by cloud app use, recent Netskope research found that, on average, 26 pieces of malware are found in cloud apps across a given organisation and 43.7 per cent of this malware has delivered ransomware. In addition, with the EU General Data Protection Regulation due to take effect in May 2018, Netskope research has identified that 75.4 per cent of apps in use are not GDPR ready.  Despite the potential threats of unchecked cloud app use, almost half of all NHS Trusts (47 per cent) do not monitor all cloud app use by employees while more than one third (35 per cent) do not block unsanctioned cloud apps.
Commenting on these findings, Jonathan Mepsted, managing director UK at Netskope, says:
“While the NHS has shown great commitment to digitally transforming the patient experience, our data shows a concerning lack of awareness – both in terms of the potential security threats stemming from the cloud and also the data being stored and shared by employees through cloud apps. Given the NHS deadline to go paperless by 2020 and the resulting push towards a digital-first strategy, NHS Trusts will need to ensure the correct security controls are in place in order to remain vigilant to the possible threats posed by cloud apps and take proactive measures to secure data in the cloud.
“Although apps offer significant productivity benefits, when left unchecked they can also pose serious risks for organisations such as fines for non-compliance and reputational damage. The healthcare sector in particular handles a huge cross-section of sensitive data, including large amounts of personally identifiable information relating to citizens’ health. It is absolutely vital that this sensitive data is kept secure. An appropriate strategy around cloud app use is a vital piece of this security issue.
“With a growing appetite for sensitive medical data amongst cyber criminals, the healthcare industry needs to respond by ensuring IT teams have the tools they need not only to have visibility into employee app use and activity, but also to have deeper intelligence, protection, and remediation that can help them stop malware in its tracks. As the cloud threat landscape becomes increasingly complicated, steps must be taken to ensure that patient privacy and security remain a top priority.” 
Methodology
Netskope issued a Freedom of Information (FoI) request to 80 UK Acute NHS Trusts, asking the following questions:

  1. Do you block the use of cloud apps not officially purchased or sanctioned by your department’s IT team? (Cloud apps are apps such as Dropbox, Box, Google Drive, iCloud, WeTransfer, etc., which operate in the cloud and therefore do not necessarily need to be downloaded to a PC/laptop/mobile device to be used.)
  1. How many cloud apps are in use by employees in your department? Please include both those apps purchased or sanctioned by IT, and unsanctioned apps i.e. used by employees without IT’s permission. If you do not know whether/how many unsanctioned apps are in use, please state this and provide the number of sanctioned/authorised cloud apps.)
  1. Do you monitor cloud app use by employees in either sanctioned or unsanctioned apps, for example by monitoring what data are uploaded and/or shared using cloud apps?

NB: Netskope received responses from 43 of the 80 NHS Trusts.

FacebookTweetLinkedIn
ShareTweet
Previous Post

Researchers Think the Same People Hacked the DNC and MH17 Journalists

Next Post

Exploiting the firewall beachhead: A history of backdoors into critical infrastructure

Recent News

New Synopsys Report Reveals Application Security Automation Soars

December 5, 2023
Over 80% of IT Leaders Want to Move Their On-Prem PAM Solution to the Cloud

Over 80% of IT Leaders Want to Move Their On-Prem PAM Solution to the Cloud

December 5, 2023
Centripetal real logo

Centripetal Announces Partnership With Tiger to Provide Cybersecurity Innovation to the UK Market

December 7, 2023
Google bins inactive accounts

Google bins inactive accounts

December 1, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information