(c)iStock.com/maxkabakov

An overwhelming 94% of cloud apps in enterprises across EMEA are not enterprise-ready, while two thirds of overall cloud services are not up to scratch, according to the latest research from Netskope.

The findings, which appear in the company’s latest quarterly cloud report, found that 82.4% of services do not encrypt data at rest, 66.4% of cloud services do not specify that the customers owns the data in their terms of services, while 42% do not allow admins to enforce password controls.

The report arrives amidst the backdrop of the European General Data Protection Regulation (GDPR), which comes into effect in May of next year. Netskope warns that businesses are potentially falling behind in their efforts to become au fait with the legislation; 40% of services analysed back up to a secondary location, the company says, not all of which are GDPR-compliant.

“Until very recently, organisations had to take an all-or-nothing approach to allowing cloud services,” said Sanjay Beri, Netskope founder and CEO. “If they sanctioned a cloud storage service for corporate use, they also needed to accept any additional personal instances of that cloud storage service or block the service entirely.

“As our customers make cloud services a strategic advantage for their businesses, when it comes to governing and securing those services, they are realising granular policies can ensure that sensitive data does not leak from the sanctioned instance of a corporate cloud service to an unsanctioned one,” Beri added.

The report also examined wider cloud trends. More than 90% of Netskope customers use IaaS services, predominantly AWS, Microsoft Azure and Google Cloud Platform, with enterprises using on average four IaaS services, while Office 365 remains the number one app with Slack continuing to rise up the top 20.

In February last year, Netskope reported that more than 4% of enterprises have sanctioned cloud apps laced with malware.