Businesses have been benefiting from the cloud in terms of productivity and flexibility for many years now. However, along with the benefits, come many risks. When it comes to cloud storage, some of these risks are technical but many of them are much more human.
The current mentality towards cloud storage…
According to a recent research by cybersecurity firm IS Decisions, nearly half of organizations consider their own data to be more sensitive than that of their clients. They’ve been asked what they believed to be “sensitive” and the answers are pretty worrying. 74% of organisations said corporate credit card data, 71% said personal information about employees, yet only 62% said client contact information and 52% said client data in general.
We can clearly see a lack of concern for client data and it is very concerning. Collaboration between organizations and supply chains are increasing meaning that almost every organization that is connected to the internet now stores client data on their systems in one form or another (whether it’s living on email servers or cloud storage providers).
So, how do you feel knowing that the security of your data is in the hands of your suppliers who believe it’s less sensitive than you do?
… is leading to poor security decisions…
Many organizations believe that cloud storage is insecure and that they have to put up with it in order to benefit from better productivity and flexibility. 61% of organizations think their data is “unsafe in the cloud” and 45% said that moving to the cloud has damaged their security. As a result, it’s not surprising that 49% believe that the native security controls of common cloud storage providers are not strong enough to protect data.
Are organizations doing something about it? Well, not really. 80% are just relying on the native security of their current cloud storage provider, despite knowing that its security isn’t as strong as is it should be. Only 10% are using third-party cloud file monitoring tool to prevent unauthorized access to sensitive files.
… thus damaging data security !
Data breach detection is crucial even though it’s a challenge for organizations.
29% say that they have suffered a breach of files or folders since moving to the cloud for storage. More worrying, 15% say it would take weeks before they’d find out if unauthorized access has taken place.
This is a serious concern for organizations. The more time a hacker has to look around your systems, the more leverage he can gain over your company. He can steal data or move laterally across your systems until he finds a workstation with administrator privileges and uploads ransomware or shuts down your network.
How to overcome cloud security passivity
Many things need to change starting with the mentality of ‘my data is more important than yours’. But that’s not it. The reliance on the native security of cloud storage providers and the amount of time it takes to detect a breach also have to change as well.
Supply chain attacks are on the rise, so all it takes is one mistake/accident from one supplier to compromise your data. And the worst part is that you might not even know about it.
Nowadays, most organizations examine the cybersecurity of their partners before deciding to work with them. For that reason, it’s essential that organizations can show that they’re looking after clients’ data to keep them safe.
But how can this be done?
The best way to do so is to monitor access to files and folders. However, doing so manually is very time-consuming and quite expensive. Also, it is very tough to detect unauthorized access to data when an attacker is using compromised credentials.
For that reason, what you need to do is invest in technology. You need a solution in place that will continuously monitor access to files and folders across all of your servers (cloud and on-premise) and alert IT teams when any kind of suspicious behavior happens.
You need visibility. And the best way to have visibility is to have a consistent and unique view of your files activity whether stored on premise or in the cloud. This can significantly reduce the risk of leaking data — whether it’s yours or your clients’.