The document discusses the risks associated with shadow data, which refers to sensitive data stored on cloud services by employees without organization oversight. Through analyzing over 100 million files on cloud file sharing services, the author identified 7 main risks: 1) the volume of shared content is rising, 2) up to 20% of broadly shared files contain compliance-related data, 3) sensitive data is often at risk, 4) inbound sharing can create liability, 5) a small number of users are responsible for most risks, 6) passwords and encryption are not sufficient, and 7) efficient remediation can save significant time per user. The author argues this shadow data and lack of visibility present challenges for organizations.

1. Shadow Data Exposed
@Zulfikar_Ramzan / CTO / www.elastica.net
12-November-2014

2. Overview
Rapid
increase
in enterprise
cloud service
adoption (SaaS ,
IaaS): Shadow IT.
Sensitive data
stored on these
services is also
increasing:
Shadow Data.
Organizations
(legacy
technologies) lack
visibility into
these
movements.

3. SaaS - Fastest Growing Segment of Public
Cloud
3
$130B SaaS Market by 2020

4. Methodology
Used APIs for
cloud file
sharing
services (Box,
Google Drive)
Identified
seven high-level
risks
(backed by
data)
100MM+ files
anonymized,
analyzed
Wide variety
of regulated
and targeted
verticals

5. Risk 1: Volume of Content in File Sharing Apps
is on the Rise
5
• Roughly 9% of files are broadly shared
• Of these, 68% shared company wide, 19%
shared externally, 13% share publicly
• Speaks to ease of sharing!

6. Risk 2: Up to 20% of broadly shared files contain
compliance-related data
Personally Identifiable Information (PII)
Protected Health Information (PHI), governed by
HIPAA
Payment Card Information (PCI), governed by PCI-DSS
6

7. Risk 3: Sensitive and valuable data is often at
risk
Data Governance extends beyond compliance
There are many kinds of sensitive documents that should not be widely shared
7

8. Risk 4: Inbound sharing can create liability and
risk for your organization
INBOUND
SHARING IS
INCREDIBLY
EASY
DATA WILL
NOT PASS
THROUGH
YOUR
PERIMETER
WHAT
LIABILITIES
ARE
CREATED?

9. Risk 5: The worst offenders are often
concentrated to just a few
9
WANT TO
KNOW WHO
IS BEHIND
ACTIONS
PARETO
PRINCIPLE
APPLIES
FOCUS
EDUCATION
ON THESE
BAD
ACTORS

10. Risk 6: Passwords and encryption are not
enough
10

11. Risk 7: Efficient remediation can save days of
effort per user
11
67
minutes 16
seconds
vs

12. The Need for Visibility
Tectonic Shift in the Market
1
2
On Premises SOC 1.0
Unmonitored
activities
Outside reach of
SOC 1.0
On-Premises
Many pieces to Buy, Assemble &
Operate

13. Elastica’s CloudSOCTM Taps Multiple
Sources
1
3
Elastica CloudSOC
Gaining Visibility
Gateway
Firewall
MDM
API
Remote
Worker
Gateway
MDM
Firewall
BYOD
On-premises worker

14. Recap
1
Volume of content on
the rise
2
20% of broadly shared
files contain
compliance data
3
Sensitive & valuable
data is often at risk
4
Inbound sharing
creates liability & risk
for your
org.
5
Worst offenders are
often concentrated
to just a few
6
Passwords and
encryption are not
enough
7
Efficient remediation
can save days of
effort per user
VISIBILITY ACTION

15. Next Steps
Shadow Data Exposed
http://www.elastica.net/wp-file-sharing/
The 7 Deadly Sins of Traditional
DLP in the New World of Shadow IT
http://www.elastica.net/ebook-7sins-dlp
http://www.linkedin.com/company/elastica
https://www.facebook.com/ElasticaInc
@ElasticaInc