Press Release

CloudLock Reports That One in Four Employees Exposes Enterprises to Cloud Cyberattacks

Share
New industry report from CloudLock outlines explosion of enterprise perimeter and increased exposure to cloud cyber threats

Cloud-Cybersecurity-Report-CloudLockWaltham, Mass., April 16, 2015 – CloudLock today unveiled its key findings of its first “Cloud Cybersecurity Report: The Extended Perimeter”, a new industry analysis from CloudLock examining more than 750 million files, 77,500 apps and six million users in the cloud.

While businesses are clearly embracing the power of cloud applications with each organization collaborating with an average of 865 other organizations - internal users, external collaborators and third-party apps are dramatically increasing the threat surface for new cloud cyberattacks. CloudLock research indicates that nearly one in four employees, unknowingly or not, violates corporate data security policy in public cloud applications. On average, each organization has a staggering 4,000 instances of exposed credentials. These usernames and passwords were either accessible across the entire company, externally, or, in the most severe cases, publicly - a cybersecurity attack waiting to happen.

“The growth of the cloud and the corresponding expansion of the perimeter is staggering. It creates a monumental challenge for IT professionals looking to protect their enterprises from emerging cloud cyberattacks all while staying out of the way of users and allowing them to embrace the collaboration opportunities it provides,” said Ayse Kaya Firat, director of customer insights and analytics at CloudLock. “It’s only through an analysis of what data is truly important, coupled with an increase in user education and empowerment, that security can keep up with the rise of the cloud.”

CloudLock’s analysis uncovered exponential growth in cloud collaboration, including:

The Extended Perimeter

  • Organizations have an average of 1.2 million files stored in the cloud, 10 times the volume of files stored in public cloud applications compared to last year.
  • Organizations collaborate with 865 other organizations on average. External collaboration via public cloud applications has increased four times over the previous year.
  • 70 percent of cloud-based external collaboration occurs with non-corporate entities.


Apps Explosion

  • There is an average of 475 unique third-party cloud applications per organization that are connected to corporate systems, a 300 percent increase over the past year. In total, CloudLock discovered more than 77,500 third-party apps with more than 2.5 million installs in 2015.
  • More than 50 percent of third-party apps assessed in 2015 are banned due to security-related concerns. Of these banned apps, security professionals cite the inappropriate nature of apps in 46 percent of instances, subpar vendor trustworthiness (applications of questionable origin or intent) in 30 percent and excessive access scopes in 24 percent of instances.


Cloud Cyber Security Risk on the Rise

  • Organizations have an average of 100,000 files that contain sensitive information stored within public cloud applications.
  • One in four employees, unknowingly or not, violates corporate data security policy in public cloud applications
  • On average, each organization has a staggering 4,000 instances of exposed credentials. These usernames and passwords were either accessible across the entire company, externally, or, in the most severe cases, publicly - a cybersecurity threat waiting to happen.
  • More than 45,000 installs of third-party cloud applications by privileged users were discovered by CloudLock. Since privileged users are often super administrators with an extensive access scope, they represent a heightened cyber security risk and as such no third-party applications should be connected to these accounts.
  • 24,000 files per organization are publicly accessible, i.e. they are indexable by search engines, creating another risk vector.


Corporate Cloud Cyber Security Defense Strategies

  • Organizations are taking two main approaches to protect their most sensitive corporate assets in the cloud through security policies. Sixty-five percent of organizations worry primarily about what type of sensitive data is exposed while 35 percent worry about how information is exposed as a starting point for the data security and cyber defense strategy.
  • Information organizations worry about most include intellectual property and confidential information (59 percent), PCI data (19 percent), PII data (13 percent), objectionable content (5 percent) and PHI data (4 percent).

 

Cloud application providers are taking great strides in securing access at the infrastructure layer and have never been more secure. So risk does not stem from the fact that cloud applications are used. Rather, risk is a product of neglecting the extension of the perimeter introduced by cloud applications. At the center of the expanded perimeter is the user, intersecting data, user profiles and applications. Security professionals can not only keep up with the increased security demand of the cloud but can actually align security with the business strategy of their organizations.

To download the CloudLock Data Security Report, please visit: Cloud Cybersecurity Report: The Extended Perimeter

About CloudLock

CloudLock is the cloud-native CASB and Cloud Cybersecurity Platform that helps organizations securely leverage cloud apps they buy and build. CloudLock delivers security visibility and control for SaaS, IaaS, PaaS and IDaaS environments across the entire enterprise in seconds. Founded by Israeli Elite Cybersecurity Military Intelligence experts, the company delivers actionable cybersecurity intelligence through its data scientist-led CyberLab and crowdsourced security analytics across billions of data points daily. CloudLock has been recognized by Inc. Magazine as the fastest growing security product company in the U.S. and by Glassdoor as one of the top 3 best places to work in the U.S. Learn more at www.cloudlock.com.

CloudLock

Stephanie Olesen, Inkhouse
+781-966-4100

cloudlock@inkhouse.com http://www.cloudlock.com/

Experience a Live Demo

See the CloudLock CASB & cloud cybersecurity solution in action from one of our cloud security experts

Browser Not Supported

Your browser version is outdated.

We would recommend you upgrade to a recent version to ensure that you have a good experience on the CloudLock site. Outdated browsers also increase your security risk. So please update your browser and come back later!

Click on the icon below to download the latest version of your browser

Close