Bitglass has announced the findings of its “Cloud Hard 2018: Security with a Vengeance” Report, which features survey insights from over 570 cybersecurity and IT professionals on their approach to cloud security. Visibility and compliance challenges continue to haunt organisations, with less than half of respondents claiming they have visibility into external sharing and DLP policy violations in their cloud application and environments. More shocking was the fact that 85% of organisations acknowledged they were unable to identify anomalous behaviour across cloud applications.
The cloud security market is growing in large part because traditional security infrastructure has failed. Where next-gen firewalls and built-in capabilities are insufficient for regulatory compliance, internal compliance, and cloud data protection, dedicated cloud security becomes critical. Specifically, 84% of respondents say traditional security solutions don’t work or have limited functionality in the cloud.
“Cloud security is here to stay as is evident by the concerns and challenges survey respondents highlighted,” said Bitglass CMO Rich Campagna. “Enterprise security teams are concerned about the next-generation of cloud threats that pose a risk to corporate data. There has already been immense progress in the past five years as security personnel come to the realisation that legacy security tools and processes are not enough to secure their ever-changing ecosystem.”
When asked about biggest security threats to their organisation, most cited misconfigurations (62%) similar to the numerous AWS S3 leaks over the past year, followed by unauthorised access (55%). 39% said external sharing was the most critical threat while 26 percent highlighted malware and ransomware.
Key Report Highlights:
- Less than half (44%) have visibility into external sharing and DLP policy violations.
- Only 15% of organisations surveyed can see anomalous behaviour across apps.
- While 78% have visibility into user logins, only 58% have visibility into file downloads and 56% into file uploads.
- To protect mobile data, 38% of organisations install agents and 24% use a trusted device model, where only provisioned corporate-owned devices are allowed access to company systems.
- 11% have no mobile access control solution in place, granting access to any smartphone or tablet.
- 69% of organisations rely solely on endpoint solutions for malware protection, tools which cannot detect or block malware at rest in the cloud or employees’ BYO devices.
For more findings and to view the complete report, please visit here