It’s safe to assume that, sanctioned or not by IT, employees at most medium to large sized organizations have embraced the likes of Box, Dropbox, Gmail, etc. for their simplicity and intuitive layout—and are regularly accessing them from within corporate networks and on mobile devices.

This cascading effect that sees consumers adopt a given app for personal use, before beginning to access and share corporate data on them (regardless of whether it has formally been sanctioned by an IT department) has come to be known as “shadow IT.”

In most cases, the rate of cloud app adoption is outpacing security policies set in place by IT at most companies. And while some companies are getting ahead of the curve that is the crux of the issue when it comes to shadow IT. In that spirit, here are five tips for companies to help ensure that employee app usage does not impact security—and sensitive information doesn’t fall into the wrong hands.

1. Discover the full breadth of cloud apps running on your enterprise network.

Organizations typically estimate that 40-50 cloud apps are in use across their corporate network, which is far from reality. On average, organizations today have 613 cloud apps in use, and that number continues to grow with each passing quarter. Not to mention, 88 percent of those apps aren’t enterprise-ready from a security standpoint. You can’t manage what you can’t measure, so the first step for any organization is to do a thorough audit of all cloud apps in use—sanctioned or unsanctioned, including apps running on premises, remote or on PCs or mobile devices.

2. Understand how cloud apps are being used in your organization.

Traditional technologies don’t provide contextual usage data for cloud apps, but understanding how information is shared via the cloud is key to keeping your environment secure. Evaluate who in your organization has shared what information with whom, and whether they’re outside of your organization. Having visibility into apps, users, times, locations and activities will help ensure that sensitive data is kept secure.

3. Use context-aware analytics and machine learning to monitor usage and detect anomalies.

Defining “normal” activity in a cloud environment can be challenging, which is why organizations should take advantage of security analytics. Running deep analytics to view user behavior cannot only help detect anomalies, but will help conduct forensics on user activity leading up to an incident or breach.

4. Identify and prevent the loss of sensitive data.

The amount of sensitive data entrusted to cloud services is staggering, and if 88 percent of apps aren’t enterprise ready, it’s a good reason to institute data loss prevention (DLP) policies for the cloud apps being used. When setting these policies, it’s important to incorporate usage context; create relevant DLP profiles including PII, PCI, ePHI and more; and base DLP profiles on industry standards.

5. Enforce your security and compliance policies in any cloud app in real-time.

Having complete control over your cloud app ecosystem is key to keeping it safe. Security is an around-the-clock endeavor, so it’s important that IT administrators set and enforce granular policies on activities and content in real-time. Set policies once and ensure they are enforced in every app, category or globally.