Less than half of enterprises are aware of external sharing and DLP policy violations
Visibility and compliance challenges continue to haunt organizations, with only 44 percent of respondents claiming they have visibility into external sharing and DLP policy violations in their cloud application and environments.
The figure comes from a new report produced by cloud access security broker Bitglass which also finds that 85 percent of organizations acknowledge they are unable to identify anomalous behavior across cloud applications.
"Cloud security is here to stay as is evident by the concerns and challenges survey respondents highlighted," says Bitglass CMO Rich Campagna. "Enterprise security teams are concerned about the next-generation of cloud threats that pose a risk to corporate data. There has already been immense progress in the past five years as security personnel come to the realization that legacy security tools and processes are not enough to secure their ever-changing ecosystem."
When asked about the biggest security threats to their organization, most respondents cite misconfigurations (62 percent), similar to the numerous AWS S3 leaks over the past year, followed by unauthorized access (55 percent). 39 percent say external sharing is the most critical threat while 26 percent highlight malware and ransomware.
Just 15 percent of organizations surveyed can see anomalous behavior across apps. And while 78 percent have visibility into user logins, only 58 percent have visibility into file downloads and 56 percent into file uploads.
To protect mobile data, 38 percent of organizations install agents and 24 percent use a trusted device model, where only provisioned corporate-owned devices are allowed access to company systems. Yet 11 percent have no mobile access control solution in place, granting access to any smartphone or tablet.
Also 69 percent of organizations rely solely on endpoint solutions for malware protection, tools which cannot detect or block malware at rest in the cloud or on employees' BYO devices.
You can read more about the findings in the full report which is available on the Bitglass website.