According to a recent survey performed by Netskope, 93% of cloud applications are not ready for enterprise use. This means they have not been scrutinized and verified to be compliant with different privacy protection laws and requirements.
For the small business, it is important to perform a risk assessment on any new application. What data does the application have access to and how does it use the data? Just as important is controlling access by limiting who uses the application. Can you restrict who can access the data and can you see who accessed the data and when? Knowing this information can allow you to make the decision to deploy or disqualify the application.