Mobius Consulting assisted a large insurance institution to understand their cloud application landscape and the risks these services pose to their organisation. The primary objective was to identify any shadow IT cloud applications and to assess the utilisation of these applications against the organisation’s authorised applications. The results were interesting and highlighted the risks of not having sufficient governance and controls in place.
In order to understand the cloud applications being utilised in the organisation, Mobius Consulting partnered with one of the leading Cloud Access Security Brokers (CASB) vendors.
We completed the analysis by using the CASB’s solutions advanced cloud application analyses tool.
Mobius Consulting analysed the results to determine the following:
Full landscape of all cloud applications in use across the entire business.
Identified risky cloud applications that were either not secure, or put the organisation’s sensitive data at risk of exposure.
The top 10 most used cloud applications across a range of categories such as finance, HR, business process management and customer relationship management.
The risk exposure to the organisation of the identified top 10 cloud applications per category.
The result of the project is that the organisation was able to identify more than 200 cloud applications in use that they were was previously unaware of. The organisation was able to gain insights into who was using these applications, what areas of the business they were being used for, and most importantly which of these applications posed a risk to the organisation from a data exposure perspective
Overall this highlighted to the organisation the need to govern and be able to control the use of cloud applications in their organisation.