(c)iStock.com/FrankRamspott

Three quarters of cloud apps used by businesses are not equipped for the upcoming EU General Data Protection Regulation (GDPR), according to the latest study from cloud security services provider Netskope.

The report comes hot on the heels of a survey conducted by the firm back in February which argued businesses were not sure if they would keep up with the upcoming legislation, which is set to drop in two years’ time and includes provisos over the right to be forgotten, as well as the user’s right to know when their data has been hacked.

According to the research, employees used on average 777 cloud apps in a given organisation – a figure which was a slight increase from previous years. Netskope argues that 75% of the more than 22,000 apps tracked did not stand up to upcoming EU data privacy scrutiny. The majority of these violations (73.6%), perhaps not surprisingly, came from cloud storage apps. Almost 95% of the apps analysed were also not deemed to be enterprise-grade.

Yet this may not be the worst news to come out of the report. Netskope also found that 11% of enterprises surveyed were using sanctioned – in other words, IT-approved – apps laced with malware, with more than a quarter (26.2%) of malware in these apps shared with users, either internally, externally, or publicly.

“The shift to the cloud presents an increasing complexity and volume of security challenges for enterprises, including regulations like the EU GDPR,” said Netskope CEO and founder Sanjay Beri. “When the deadline for compliance looming, complete visibility into and real-time control over app usage and activity in a centralised, consistent way that works across all apps is paramount for organisations to understand how they use and protect their customers’ personal data.”