Bitglass has published the findings of its “Cloud Hard 2018: Security with a Vengeance” Report, which features survey insights from over 570 cybersecurity and IT professionals on their approach to cloud security.
Visibility and compliance challenges continue to haunt organizations, with 44 percent of respondents claiming they have visibility into external sharing and DLP policy violations in their cloud application and environments. More shocking was the fact that 85 percent of organizations acknowledged they were unable to identify anomalous behavior across cloud applications.
The cloud security market is growing in large part because traditional security infrastructure has failed. Where next-gen firewalls and built-in capabilities are insufficient for regulatory compliance, internal compliance, and cloud data protection, dedicated cloud security becomes critical. Specifically, 84 percent of respondents say traditional security solutions don’t work or have limited functionality in the cloud.
When asked about biggest security threats to their organization, most cited misconfigurations (62 percent) similar to the numerous AWS S3 leaks over the past year, followed by unauthorized access (55 percent). 39 percent said external sharing was the most critical threat while 26 percent highlighted malware and ransomware.
● Less than half (44%) have visibility into external sharing and DLP policy violations.
● Only 15% of organizations surveyed can see anomalous behavior across apps.
● While 78% have visibility into user logins, only 58% have visibility into file downloads and 56% into file uploads.
● To protect mobile data, 38% of organizations install agents and 24% use a trusted device model, where only provisioned corporate-owned devices are allowed access to company systems.
● 11% have no mobile access control solution in place, granting access to any smartphone or tablet.
● 69% of organizations rely solely on endpoint solutions for malware protection, tools which cannot detect or block malware at rest in the cloud or employees’ BYO devices.