Cloud Enterprise IT

Misconfigured Cloud is Becoming a Major Threat to Businesses

Almost one quarter of all data stored in the cloud is sensitive, and the sharing of sensitive data in the cloud has increased by 53% year-over-year. Although the advantages offered by the cloud are increasing business agility and productivity, it’s rapid adoption means the cloud has become the biggest threat vector for enterprises in modern times.

According to findings from the 2019 Cloud Adoption and Risk Report from security specialist McAfee, 21% of all files hosted in the cloud contain sensitive data, up 17% over the past two years.

As Sharing Increases, so do Security Concerns

It is also thought that around 22% of public cloud users actively share files in the cloud and 48% of all files hosted in the cloud are eventually shared. The number of active sharing cloud users has gone up 33% over the past two years and total files shared also up 12% over the same period.

This is mainly due to end users getting comfortable with the technology. As with most technologies, many cloud services, such as Dropbox, first made it into the enterprise as consumer services, with teams adopting them ‘unofficially’ as a way of boosting productivity. But many of these applications then transitioned to become business tools as their utility became apparent.

Encouragingly, personal information is being stored less commonly in the cloud, perhaps as users become more aware of the dangers and more diligent about their own data. Unfortunately, the same cannot be said of corporate data, which is largely protected through the enforcement of security policies.

Learn everything about managing a hybrid network with our ebook: The Essential  Hybrid Networking Guide

There are a couple of challenges here. Anyone using a corporate cloud account and sending data to a personal email address is invariably removing that data from any oversight by the information security team. This is a popular workaround for users who find security policies too ‘restrictive’. Even worse however is data shared to anyone with an open link. Just a single click can potentially lead to the uncontrollable sprawl of data to completely unknown destinations. Once a file in a service like Box or OneDrive is set to open access by “anyone with a link”, you lose complete oversight of that data.

As a result, many organizations are clamping down on settings that allow such easy sharing but with so many cloud-based services in circulation, it’s increasingly difficult to stay on top of the configuration of all cloud instances.

Misconfigured Clouds Are a Growing Threat

McAfee found that organizations have at least 14 misconfigured IaaS instances running at any given time, resulting in an average of 2,269 misconfiguration incidents per month.

If we look at AWS – the most popular cloud service by far – as an example, about 5.5% of all AWS S3 buckets in use are misconfigured to be publicly readable. This means the data stored in these instances is accessible by anyone. It's plain to see how the risk of immediate data loss grows inline with cloud adoption.

Other than misconfiguration, the majority of threats to data in the cloud result from compromised accounts and insider threats. Around 80% of organizations are going to experience at least one compromised account threat in the cloud every month and McAffee said 92% currently have stolen cloud credentials for sale on the Dark Web.

Managing security configurations will always take resources, but, with the right WAN technology, it’s possible to make file sharing within your organization secure and easy. Take a look at our ebook on cloud and WAN connectivity to find out how.

The Essential Hybrid Networking Guide