While businesses are clearly embracing the power of cloud applications with each organization collaborating with an average of 865 other organizations – internal users, external collaborators and third-party apps are dramatically increasing the threat surface for new cloud cyberattacks.
CloudLock examined more than 750 million files, 77,500 apps and six million users in the cloud. Their research indicates that nearly one in four employees, unknowingly or not, violates corporate data security policy in public cloud applications. On average, each organization has a staggering 4,000 instances of exposed credentials. These usernames and passwords were either accessible across the entire company, externally, or, in the most severe cases, publicly – a cybersecurity attack waiting to happen.
“The growth of the cloud and the corresponding expansion of the perimeter is staggering. It creates a monumental challenge for IT professionals looking to protect their enterprises from emerging cloud cyberattacks all while staying out of the way of users and allowing them to embrace the collaboration opportunities it provides,” said Ayse Kaya Firat, director of customer insights and analytics at CloudLock. “It’s only through an analysis of what data is truly important, coupled with an increase in user education and empowerment, that security can keep up with the rise of the cloud.”
The extended perimeter:
- Organizations have an average of 1.2 million files stored in the cloud, 10 times the volume of files stored in public cloud applications compared to last year.
- Organizations collaborate with 865 other organizations on average. External collaboration via public cloud applications has increased four times over the previous year.
- 70 percent of cloud-based external collaboration occurs with non-corporate entities.
- There is an average of 475 unique third-party cloud applications per organization that are connected to corporate systems, a 300 percent increase over the past year. In total, CloudLock discovered more than 77,500 third-party apps with more than 2.5 million installs in 2015.
- More than 50 percent of third-party apps assessed in 2015 are banned due to security-related concerns. Of these banned apps, security professionals cite the inappropriate nature of apps in 46 percent of instances, subpar vendor trustworthiness (applications of questionable origin or intent) in 30 percent and excessive access scopes in 24 percent of instances.
Cloud cyber security risk on the rise:
- Organizations have an average of 100,000 files that contain sensitive information stored within public cloud applications.
- One in four employees, unknowingly or not, violates corporate data security policy in public cloud applications
- On average, each organization has a staggering 4,000 instances of exposed credentials. These usernames and passwords were either accessible across the entire company, externally, or, in the most severe cases, publicly – a cybersecurity threat waiting to happen.
- More than 45,000 installs of third-party cloud applications by privileged users were discovered by CloudLock. Since privileged users are often super administrators with an extensive access scope, they represent a heightened cyber security risk and as such no third-party applications should be connected to these accounts.
- 24,000 files per organization are publicly accessible, i.e. they are indexable by search engines, creating another risk vector.
Corporate cloud cyber security defense strategies:
- Organizations are taking two main approaches to protect their most sensitive corporate assets in the cloud through security policies. Sixty-five percent of organizations worry primarily about what type of sensitive data is exposed while 35 percent worry about how information is exposed as a starting point for the data security and cyber defense strategy.
- Information organizations worry about most include intellectual property and confidential information (59 percent), PCI data (19 percent), PII data (13 percent), objectionable content (5 percent) and PHI data (4 percent).
Cloud application providers are taking great strides in securing access at the infrastructure layer and have never been more secure. So risk does not stem from the fact that cloud applications are used. Rather, risk is a product of neglecting the extension of the perimeter introduced by cloud applications. At the center of the expanded perimeter is the user, intersecting data, user profiles and applications. Security professionals can not only keep up with the increased security demand of the cloud but can actually align security with the business strategy of their organizations.