Oh wow.

In 18 months of using Microsoft’s Cloud App Security tool to help assess Shadow IT deployments, every single customer has responded exactly the same when presented with just the preliminary findings of a firewall log import.

The statistics back it up, with over 80% of employees reporting that they use some form of unapproved cloud technology in their daily work. At that percentage, the likelihood that users in your organization are actively employing out-of-band solutions approaches 100%. And we know the threat is real: every day on the news we hear the fall-out of high-ranking government officials’ use of Shadow IT solutions.

But sometimes those high-profile cases only serve to distract from the fact that users—your users—are actively shipping your corporate data to places unknown, with unknown compliance controls and capabilities, unknown licensing risks.

To wit: a customer was approached by a sales rep for a popular online storage site. The rep told him that 250 users had registered for accounts with email addresses from his company’s public email domain. All of them were for “private” use. The rep asked how he’d like to pay for those services: cash, check, or charge?

Had that company performed a Shadow IT Assessment and employed a cloud access security broker like CAS, that conversation would never have happened. IT would have known about the 250 users and been able to take intelligent action to either allow that usage with safety and compliance controls, or prohibit the use entirely, even when their users were off-net.

Cloud App Security goes beyond the traditional proxy server and enables behavioral analytics to do more than just block and allow, offering discovery, control, and analytical ranking of over 15,000 public cloud solutions, plus API integration with popular 3rd party SaaS providers to provide rich compliance controls that let your users be productive and secure.

It’s 10 pm. Do you know where your data is?