Bitglass has published the findings of a survey for its ‘Cloud Hard 2018: Security with a Vengeance’ report, which includes insights from over 570 cybersecurity and IT professionals on their approach to cloud security.
Visibility and compliance challenges continue to trouble organizations, with less than half of respondents claiming they have visibility into external sharing and DLP policy violations in their cloud application and environments. Even more worrying was the finding that 85 percent of organizations were unable to identify anomalous behaviour across cloud applications.
When asked about the biggest security threats to their organization, most cited misconfigurations (62 percent) similar to the numerous AWS S3 leaks over the past year, followed by unauthorised access (55 percent). 39 percent said external sharing was the most critical threat while 26 percent highlighted malware and ransomware.
Key report highlights were:
- Less than half (44 percent) have visibility into external sharing and DLP policy violations.
- Only 15 percent of organizations surveyed can see anomalous behaviour across apps.
- While 78 percent have visibility into user logins, only 58 percent have visibility into file downloads and 56 percent into file uploads.
- To protect mobile data, 38 percent of organizations install agents and 24 percent use a trusted device model, where only provisioned corporate-owned devices are allowed access to company systems.
- 11 percent have no mobile access control solution in place, granting access to any smartphone or tablet.
- 69 percent of organizations rely solely on endpoint solutions for malware protection, tools which cannot detect or block malware at rest in the cloud or employees’ BYO devices.