Research from Netskope has claimed more than 75% of business apps lack key capabilities to ensure compliance under EU General Data Protection Regulation.

The company tracked 22,000 apps of which three quarters failed to meet minimum requirements of the EU, falling down in areas such as deleting personal data in a timely manner or violating data portability requirements.

The companies who have not met the required standards now have just under two years to ensure compliance, when GDPR comes into play in 2018. Failure to meet the criteria will see a company fined up to $22 million or up to four percent of annual worldwide revenue, whichever is greater.

“The shift to the cloud presents an increasing complexity and volume of security challenges for enterprises, including regulations like the EU GDPR,” said Sanjay Beri, CEO of Netskope. “With the deadline for compliance looming, complete visibility into and real-time control over app usage and activity in a centralised, consistent way that works across all apps is paramount for organisations to understand how they use and protect their customers’ personal data.”

The number of sanctioned apps containing malware increased from 4.1% to 11% in the period between reports. More of a quarter of the instances of malware was detected in files that had been shared with others within the organization. In terms of cloud data loss prevention, cloud storage applications accounted for 73.6%, with Webmail coming in at second with 22.1%.