78% of organizations plan to increase number of cloud apps in 2013, while 71% admit using unsanctioned apps
San Francisco, CA – January 31, 2013 – According to the results of a new survey on the adoption, use and security of cloud applications, a large majority of respondents, 78%, plan to increase the number of cloud apps in their organizations this year. At the same time, 71% of respondents admit they are using cloud apps that have not been sanctioned by their IT departments. The data is part of the 2013 State of Cloud Application Access Survey conducted by OneLogin, the innovator in identity management, in collaboration with security consultancy flyingpenguin, of 200 IT and business professionals within organizations of all sizes and industries.
“This survey demonstrated that 2013 will be a tipping point in cloud adoption,” said Thomas Pedersen, chief executive officer of OneLogin. “With enterprises rapidly turning to cloud apps, the inherent risks in practices like using unsanctioned apps or sharing passwords on sticky notes need to be addressed, and quickly.”
Designed to collect the views of IT and business people regarding the pace of cloud application adoption and usage, the survey revealed that with access to these applications taking place from a variety of locations including smart phones (80%), tablets (71%) and non-company computers (80%) and with a large percentage of organizations (73%) needing to grant temporary access to cloud apps, respondents cited concerns around identity management, governance and complexity.
Among the issues found in the survey:
Shadow IT - 71% of respondents admit to using cloud applications that have not yet been sanctioned by their IT department (like Dropbox and Gmail) to get work done.
- Unsafe password management - 43% of respondents admit that employees manage passwords in spreadsheets or on sticky notes and 34% share passwords with their co-workers for applications like FedEx, Twitter, Staples and LinkedIn. 20% experienced an employee still being able to login after leaving the company.
- Single sign-on challenges - 48% of respondents are still not able to sign in to cloud applications with a single set of credentials.
- Need to provision external users - 72% of the respondents have the need to provide external users (i.e. consultants) with temporary access to the company’s cloud applications.
- Complex directory infrastructures - 59% of respondents had multiple on-premise directories with Active Directory being cited as the most used directory (40%), followed by LDAP (17%) for managing user identities and application access.
- Different security model for cloud application access - 34% of respondents claimed that their security model for cloud applications was different than for on-premise applications vs. 45% claiming it’s the same.
“It is no secret that cloud apps need solutions added to improve their security; yet to see 20% of app users admit a breach by ex-employees is still a surprisingly high result,” said Davi Ottenheimer, president of flyingpenguin. “The real story behind the 80% already using cloud apps already is that 70% admit apps came without company approval. In 2013, organizations will need solutions flexible enough to support the 60% with more than four apps already in use, and scalable enough to keep up with the 35% who plan to add at least four new apps this year.”
200 people completed the web-based survey which was open between December 7th, 2012 and January 7th, 2013. Respondents were primarily in an IT Leadership role (40%), Business/Operations (23%) or members of the IT Staff (21.50%).