Sensitive Data Leaks Cost Average Organizations $1.9M: Report

Study examines 63 million enterprise documents within leading cloud applications including Office 365, Google Drive, and Salesforce

Nicole Henderson, Contributor

January 21, 2016

2 Min Read
Sensitive Data Leaks Cost Average Organizations $1.9M: Report
A symbolic data cloud is seen at the IBM stand at the 2014 CeBIT technology Trade fair on March 10, 2014 in Hanover, Germany. CeBIT is the world’s largest technology fair and the year’s partner nation was Great Britain. (Photo by Nigel Treblin/Getty Images)

Talkin Cloud logo


By Talkin' Cloud

The ease of use of cloud-based collaboration and file sharing applications may be putting organizations at risk as they are unaware that 26 percent of documents stored in cloud apps are broadly shared – meaning any employee can access them, and in some cases are discoverable in a Google search.

This is according to the Q4 2015 Shadow Data Report released by Blue Coat's Elastica Cloud Threat Labs team on Wednesday. The study is based on insights into 63 million enterprise documents within leading cloud applications including Office 365, Google Drive, and Salesforce.

The report identifies shadow data as any sensitive information that is uploaded and shared in cloud apps without the knowledge of IT security teams. This isn’t the first time Elastica has explored the risks of shadow IT, having investigated the risks to the healthcare industry in particular in its Q2 2015 report.

Indeed, the healthcare industry is at greater financial risk from the leakage of sensitive cloud data than the average organization, with a potential impact reaching up to $12 million compared to the $1.9 million cost to an average organization.

“We’ve reached a point in the security lifecycle where shadow IT should no longer be the primary focus. By now, organizations should have a grip on cloud applications available and have enforceable policies in place with the ability to control which are in use,” Blue Coat Systems and Elastica founder Rehan Jalil said in a statement. “It’s time to start focusing on the real problems, which are the need to know what types of information employees are sharing, who is able to access data and how to stop high-risk exposures that lead to data breaches.”

According to the report, one in 10 documents shared broadly contain data that is subject to compliance regulations, such as Protected Health Information (14 percent) and Payment Card Industry data (5 percent).

The Q4 2015 report can be downloaded from Elastica’s website.

This first ran at

About the Author(s)

Nicole Henderson

Contributor, IT Pro Today

Nicole Henderson covers daily cloud news and features online for ITPro Today. Prior to ITPro Today, she was editor at Talkin' Cloud (now Channel Futures) and the WHIR. She has a bachelor of journalism from Ryerson University in Toronto.

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like