Critical Read

How much cloud is too much cloud?

Shutterstock image (by ra2studio): young businessman looking at a cloud concept wall.

(Image: ra2studio / Shutterstock)

What: "Cloud Adoption & Risk in Government Report," by Skyhigh Networks

Why: In order for government to secure all the cloud services it offers and meet FISMA and FedRAMP requirements, it first needs to know how many cloud services are actually coming into the organization.

The average public sector organization uses 721 cloud services. A recent study found that only one third of federal agencies met a June 2014 deadline to meet FedRAMP security guidelines -- but that report didn’t cover what cloud services employees are bringing to work with them, known as shadow IT.

Skyhigh Networks’ fourth quarter 2014 report looked at what cloud services are most prevalent in government organizations and the risks associated with such services.

The top categories of cloud services are: collaboration cloud services (like Microsoft Office 365, Gmail, etc.), file-sharing services (Box, Dropbox, Google Drive, etc.), development services (GitHub, SourceForge, etc.) and social media services (like Facebook, LinkedIn, etc.).

The report also found that agencies increased their spending on security for cloud services over the past year as companies expanded their capabilities.

About 1,459 cloud services (17 percent) offer multi-factor authentication, compared with 705 services last year, and 1,082 (11 percent) encrypt data at rest, compared with 470 services last year.

While agencies are taking measures to block access to non-secure services via a firewall or proxy, the report found that there is a cloud enforcement gap for how effectively agencies are blocking these services.

For example, Dropbox’s enforcement gap is 64 percent -- cloud services think their block rate is 80 percent, when in fact it is only 16 percent. Dropbox’s enforcement gap is closely followed by Instagram (45 percent), and Apple iCloud (42 percent).

Verbatim: "In some categories, the fragmentation of cloud services impedes collaboration across teams, introduces friction and creates cost inefficiencies. In addition, employees may not fully understand the risk of cloud services before using them in the workplace." 

Read the full report here.

About the Author

Colby Hochmuth is a former staff writer for FCW.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.