Recently, cloud provider Skyhigh Networks released a study of enterprise cloud adoption and found that not only are more organizations utilizing the technology, but a growing number are focused on the security features being provided. Although data protection has improved since last year’s survey, it is still relatively low. Only 11 percent of all cloud services encrypt data at rest and less than 20 percent require multi-factor authentication. With use of cloud computing increasing 18 percent from last year, organizations need to step up their security efforts if they want to have any chance at defending against a data breach in the near future.
With enterprise cloud adoption on the rise, it’s important for organizations to keep an eye on the security of their platforms. As employees are encouraged to embrace the cloud on a larger scale, many may begin to feel comfortable leveraging the cloud services they use in their personal lives while at work, putting sensitive business data at risk.
There are so many free cloud services available now that it’s hard to find someone that doesn’t use at least one. Each person has their own preferred method of accomplishing certain tasks, and so there can be dozens of different file sharing services employed in a single enterprise with no way of knowing where privileged information is being stored. According to the SkyHigh report, 37 percent of enterprise cloud users upload sensitive information to file sharing services, and 9 percent of all documents shared with users outside of the business contained sensitive personal or payment data. Perhaps most alarming, the study found that 92 percent of companies have users whose identities have been compromised.
“Customers need to be continually reviewing the tools they use, how employees are using them and the changing security landscape within which they operate,” wrote Forbes contributor Ben Kepes. “Cloud can absolutely be a safe choice but isn’t automatically so – enterprises need to make decisions and take actions to ensure that security.”
Bring cloud to the enterprise – safely
One of the most reliable ways to keep enterprise cloud environments secure is to put user access controls in place. While most businesses already utilize some level of control, many do so incorrectly. Users are frequently given more access than is necessary, potentially compromising an entire network. Multiple recent breaches have been carried out through the use of valid access IDs that were wholly unrelated to the user’s role within the organization. Many businesses give employees access based on their level within the company instead of their role, creating multiple major vulnerabilities that could easily be avoided. When deploying a cloud platform, the concept of least privilege is essential to ensure security is as tight as possible. For overall enterprise cybersecurity, implementing a layered security approach is a reliable way to defend against data breaches and keep malicious actors away from private networks.