WALTHAM, MA — (Marketwired) — 04/16/15 — CloudLock today unveiled its key findings of its first “Cloud Cybersecurity Report: The Extended Perimeter,” a new industry analysis from CloudLock examining more than 750 million files, 77,500 apps and six million users in the cloud.
While businesses are clearly embracing the power of cloud applications with each organization collaborating with an average of 865 other organizations — internal users, external collaborators and third-party apps are dramatically increasing the threat surface for new cloud cyberattacks. CloudLock research indicates that nearly one in four employees, unknowingly or not, violates corporate data security policy in public cloud applications. On average, organization has a staggering of exposed credentials. These usernames and passwords were either accessible across the entire company, externally, or, in the most severe cases, publicly — a cybersecurity attack waiting to happen.
“The growth of the cloud and the corresponding expansion of the perimeter is staggering. It creates a monumental challenge for IT professionals looking to protect their enterprises from emerging cloud cyberattacks all while staying out of the way of users and allowing them to embrace the collaboration opportunities it provides,” said Ayse Kaya Firat, director of customer insights and analytics at CloudLock. “It–s only through an analysis of what data is truly important, coupled with an increase in user education and empowerment, that security can keep up with the rise of the cloud.”
CloudLock–s analysis uncovered exponential growth in cloud collaboration, including:
Organizations have an average of 1.2 million files stored in the cloud, of files stored in public cloud applications compared to last year.
Organizations collaborate with 865 other organizations on average. External collaboration via public cloud applications has increased four times over the previous year.
70 percent of cloud-based external collaboration occurs with non-corporate entities.
There is an average of 475 unique third-party cloud applications per organization that are connected to corporate systems, a 300 percent increase over the past year. In total, CloudLock discovered more than 77,500 third-party apps with more than 2.5 million installs in 2015.
assessed in 2015 due to security-related concerns. Of these banned apps, security professionals cite the inappropriate nature of apps in 46 percent of instances, subpar vendor trustworthiness (applications of questionable origin or intent) in 30 percent and excessive access scopes in 24 percent of instances.
Organizations have an average of that contain sensitive information stored within public cloud applications.
One in four employees, unknowingly or not, violates corporate data security policy in public cloud applications
On average, organization has a staggering of exposed credentials. These usernames and passwords were either accessible across the entire company, externally, or, in the most severe cases, publicly — a cybersecurity threat waiting to happen.
were discovered by CloudLock. Since privileged users are often super administrators with an extensive access scope, they represent a heightened cyber security risk and as such no third-party applications should be connected to these accounts.
, i.e. they are indexable by search engines, creating another risk vector.
Organizations are taking two main approaches to protect their most sensitive corporate assets in the cloud through security policies. worry primarily about while as a starting point for the data security and cyber defense strategy.
Information organizations worry about most include intellectual property and confidential information (59 percent), PCI data (19 percent), PII data (13 percent), objectionable content (5 percent) and PHI data (4 percent).
Cloud application providers are taking great strides in securing access at the infrastructure layer and have never been more secure. So risk does not stem from the fact that cloud applications are used. Rather, risk is a product of neglecting the extension of the perimeter introduced by cloud applications. At the center of the expanded perimeter is the user, intersecting data, user profiles and applications. Security professionals can not only keep up with the increased security demand of the cloud but can actually align security with the business strategy of their organizations.
To download the CloudLock Data Security Report, please visit:
CloudLock offers the cloud security fabric enabling enterprises to protect their data in the cloud, reduce risk, achieve compliance, manage threats and increase productivity. By analyzing 15 billion+ objects for more than 6 million end users daily, CloudLock delivers the only complete, risk-appropriate and people-centric approach to cloud security. Learn more at .
Lisa Mokaba
Inkhouse for CloudLock
781-966-4100
You must be logged in to post a comment Login