We just released some research on cloud app ecosystems. Let me break it down and share some thoughts from our research team.
Enterprises are adopting popular cloud apps like Salesforce and Office 365. Those app vendors make it easy for other apps to integrate with them by providing rich APIs, which in turn helps such an ecosystem to grow and thrive. Just look at Salesforce’s comment last year that half of its revenue is attributed to its APIs. In fact, I’m co-presenting on this very topic at RSA. Don’t miss it!
A good example of how these ecosystems work is DocuSign, an e-signature and digital transaction leader. Let’s say a sales rep executes a contract in Salesforce and requires approvals from executives in other departments such as finance, sales operations, client services, and billing. Once the contract is executed, DocuSign can route it to special folders in Box, Dropbox, or Google Drive, and manages the process of obtaining the e-signatures required from across the organization. There are literally hundreds – and in some cases, thousands – of such apps that perform discrete functions and complete workflows that make the major app much more valuable as part of a complete solution.
The big finding in the study is the number of apps per major app. We studied four apps, and found that in each of the enterprises in our cloud service, there is an average of 28, 26, 20, and 19 cloud apps for every implementation of Box, Salesforce, Dropbox, and Google Apps respectively. Even more interesting, when we marry these stats to the data in the Netskope Active Platform, we find that, among other things, 15.3 percent of all downloaded data and 44.4 percent of DLP violations are from the Salesforce ecosystem (exclusive of Salesforce).
Why spend time on this research? Well, there’s a lot of talk in the market about protecting the major apps or sanctioned apps. While organizations rightly put a lot of emphasis on those apps, more controls can be like building a fence around Fort Knox. Instead, they should be paying attention to the myriad of apps that share data with those apps. Those ecosystems are made up of apps that have been sanctioned by the enterprise and several that are unsanctioned.
Here are five things we recommend for getting your arms around cloud app ecosystems:
- Know what apps are running in your organization that integrate with your major apps, including sanctioned and unsanctioned apps;
- Understand the workflows they complete and what data they pull out of (or contribute to) your major apps;
- Secure access to those apps with identity management or SSO;
- Monitor those apps as a group with your major apps. We have the ability to do this with custom app tags in the Netskope product; and
- If you enforce policies (e.g., “don’t share outside of the company” or “don’t download if the content contains personally identifiable information,”) in your major apps, extend those policies to your ecosystem apps as well to get the intended security outcome.
About the Author
As a thought leader in Internet security, Rajneesh is vice president of product management at Netskope. He previously held senior level positions at Juniper Networks and Cisco Systems. Coffee notes: Rajneesh is currently powered by Peet’s Café Domingo.Follow on Twitter More Content by Rajneesh Chopra