Exception Sprawl
Published 04/28/2014
By Krishna Narayanaswamy, Chief Scientist at Netskope
We released the Netskope Cloud Report today. One of the key findings of the report is that 90 percent of cloud app usage is in apps blocked by perimeter technology.
How can this be the case? Are all the firewalls broken?
That usage is the exceptions. Folks in IT and network security know this all too well. These put-upon individuals do all this work to set a very well-intentioned policy blocking a cloud service like Facebook or a storage or cloud backup app in order to protect the network, prevent leakage of sensitive data or corporate IP, or just help keep employees productive.
And that’s when the goat rodeo begins: First, marketing asks for access to the blocked service because they need to post news and product updates. Then the execs get in on the action. Then it’s customer support. And sales. And. And. And. Before you know it, everybody’s using the service, and the exception is now the rule. The sad irony is that the well-intentioned policy is now, in fact, not working.
We are dubbing this “exception sprawl.”
We look at this against policy violations in the Netskope Active Platform. One conspicuously missing policy violation from the top of our list is login (which is our version of blocking the app). Login is only the fifth most common policy violation, behind upload, edit, post, and download. In fact, login policy violations are only about 4 percent of upload violations, so there’s a huge drop-off from people who enforce granular, activity-based policies and straight-up blocking.
This tells us that when IT and security folks have the option to enforce granular policies, they will choose that option. They know all too well what happens when you block a service that breaks business process.
Tell me how you’re solving “exception sprawl” in your organization by commenting on this blog post or on Twitter: @Krishna_Nswamy #exceptionsprawl
Get the full Netskope cloud report here.