Organizations Cloudy Over Data Loss Protections
According to the report, 67% of organizations believe cloud apps are as secure or more secure than on-premises apps.
Amid the Equifax and Facebook settlement headlines over privacy violations comes findings that only 20% of organizations use cloud data loss prevention measures to protect sensitive data and intellectual property.
Campbell, Calif. Bitglass, a cloud access security broker, released its “Guardians of the Cloud,” its 2019 Cloud Security Report on the state of enterprise cloud security in order to identify key trends and common vulnerabilities.
The research noted as organizations migrate more of their data and operations to the cloud, they must maintain a robust cybersecurity posture. To uncover how well they accomplishing this, Bitglass partnered with a leading cybersecurity community and surveyed IT professionals about cloud security in their organizations.
“Data is now being stored in more cloud apps and accessed by more devices than ever before,” Rich Campagna, chief marketing officer of Bitglass, said. “This report found that 93% of respondents are at least moderately concerned about their ability to use the cloud securely, and that the adoption rates of basic cloud security tools and practices are still far too low. Many organizations need to rethink their approach to protecting data, as traditional tools for safeguarding data on premises are not capable of protecting data in the cloud.”
What type of corporate data do you store in the cloud? “Organizations are moving workloads and data into the cloud, granting them greater productivity and flexibility, but increasing the likelihood of data leakage where proper security is not employed,” the report suggested. Forty-five percent of respondents store customer data in the cloud, 42% store employee data in the cloud, 30% store corporate financial data and 24% store intellectual property in the cloud.
Other key insights from the report:
- 75% of organizations leverage multiple cloud solutions, but only 20% have visibility over cross-app anomalous behavior.
- Only 20% of organizations use cloud DLP, despite storing highly sensitive information in the cloud including customer and employee data and intellectual property.
- 67% of organizations believe cloud apps are as secure or more secure than on-premises apps.
- Malware has emerged as the most concerning data leakage vector, with 27% of respondents citing it as the number one concern for their organization. Conversely, concern about leakage through unsanctioned cloud apps fell from 12% in 2018 to 5% in 2019, showing that organizations are becoming aware that there are threats greater than shadow IT.
- Access control (52%) and anti-malware (46%) are the most-used cloud security capabilities.
- Cost is the leading concern for organizations evaluating cloud security providers. Other critical concerns include ease of deployment (46%), cloud native solutions (45%), the ease of cross-cloud security policies enforcement (36%) and the solution’s ability to integrate with various cloud platforms (36%).