87% claim they have 50 or fewer apps on the cloud infrastructure.
Over half of IT and security experts believe that they have 10 or fewer cloud-based apps running in their organisation, with 87%signifying they had about 50 apps on the cloud infrastructure.
According to the CSA’s ‘Cloud Usage: Risks and Opportunities’ survey, there is a major difference between the number of cloud-based apps believed to be used by IT and security professionals, and the number stated by cloud application vendors.
CSA CEO Jim Reavis said: "We found these results particularly interesting and at the same time concerning.
"It’s hard to control what you can’t see.
"If you are only seeing one tenth of your actual cloud usage, it’s impossible to put cloud policies in place to protect users and data.
"This tells us that cloud app discovery tools, along with analytical tools on cloud app policy use and restrictions, are very important in the workplace, especially when it comes to sensitive data being used by cloud applications."
The report added that the assessments are extremely less than generally reported by vendors and research reports, which add up the existence of more than 500 cloud apps, on average, per organisation.
However, majority of the survey respondents noted that their organisations have implemented policies and procedures to secure data and assure compliance.
About 80% of policy enforcement has been implemented for cloud storage and cloud backup, representing heavy concerns about data leak and protection.
Further, more than half of the respondents had in place a policy that deals with BYOD, with more than 80% of them consider it is at least fairly followed.
CSA global research director JR Santos said: "Beyond raising awareness around cloud service risk, the findings here are intended to provide usage intelligence that helps IT, security, and business decision-makers take action.
"By consolidating and standardising the most secure and enterprise-ready cloud services, knowing what policies will have the most impact, and understanding where to focus when educating users, we can improve the protection of data and applications in the cloud."