Organizations may implement computing environments (e.g., enterprise computing environments), relying on many technology devices, software, hardware, and/or computing services. Increasingly, these computing environments are implemented as or using a “cloud” environment. A “cloud” environment can represent a conglomerate of local and remotely hosted computing resources and systems. The term “cloud computing” is used to refer to various aspects of distributed computing over a network. Cloud computing environments may implement various service models, including infrastructure as a service (IaaS), platform as a service (PaaS), software as a service (SaaS), and network as a service (NaaS). A “cloud” can also refer to the data store and client application of a single service provider. Many applications may implement a cloud computing environment to enable a device to obtain additional functionality or capability beyond what is available solely on the device itself. Such applications may be implemented using one or more service providers (also referred to herein as “providers”), each having one or more service provider systems (also referred to herein as a “provider system”) using one or more computer systems. Examples of such service providers may include corporations such as Box, Dropbox, Microsoft, Docusign, Salesforce, Oracle, Amazon, and others. Each of the service providers may provide many different applications or functionality enabling access to applications and/or data as a cloud-based service.
The reliance on computing environments has led to widespread use of applications that are either authorized or unauthorized by an organization. Authorized applications may be applications that are either registered with the organization or known by an organization. In some instances, an application may be authorized by being distributed by the organization. Unauthorized applications may be applications that are not known, and/or not associated or registered with an organization. Unsanctioned applications can include applications that operate independently of others and third-party integrated applications that integrate into a sanctioned (IT managed) application as a plug-in or add-on. Whether authorized or unauthorized, many applications pose a great security risk to a computing environment of an organization. The security risks include exposure to a private network of an organization in an unsecure manner or access to private, confidential data, which should be restricted through security controls.
Applications that pose a security risk may or may not be under the management of the organization. As such, these applications may be operated in a “shadow” or hidden manner, unknown to and/or not regulated by an organization for security control. Further, unknown usage of applications can contribute to inefficient use and overuse of computing resources, such as bandwidth and data storage. Undiscovered usage may affect performance and access to critical resources in a computing environment of an organization.
Applications that are operated in an unregulated manner may be accessed from a service provider in an unauthorized manner. For example, a salesperson of an organization may use an unsanctioned file sharing application on his mobile device to share a spreadsheet with his team members for collaboration instead of emailing it. Although use of such an application can contribute to increased productivity, it may also pose security risks as well as compliance issues in the organization. For example, confidential files with business sensitive information may be susceptible to an information leak if the application is not secure enough. Since such applications are not evaluated by the organizations, the organizations are not prepared to act upon a security breach. Moreover, some apparently useful applications may knowingly or unknowingly distribute adware or even malware. Many organizations try to block such applications or websites, but that makes employees unhappy due to the impact on productivity. Moreover, employees try to bypass such barriers, e.g., by using an external VPN service, a mobile data service, etc. However, administrators of computing environments in organizations need visibility into all applications being used so that they can proactively monitor and control questionable or malicious applications.