Companies risk data exposure as employees leave
New research from SASE company Netskope reveals the risk of critical data exfiltration linked to employees leaving their jobs.
The report finds that some departing employees present a disproportionately significant cloud security risk. In their last 30 days of employment, workers have been shown to be uploading three times more data than usual to personal cloud apps.
"Regardless of whether the so-called 'Great Resignation' is real or perceived, it's a fact that employees leaving an organization pose an increasingly bigger insider security threat to organizations when they take company data with them," says Ray Canzanese, threat research director at Netskope. "That and other trends revealed in the research show that enterprises must rethink security based on the reality of cloud application use. They should favor a security architecture that provides context for apps, cloud services, and web user activity, and that applies zero trust controls to protect data wherever and however it’s accessed."
Among other findings are that 97 percent of cloud apps used in the enterprise are shadow IT, unmanaged and often freely adopted. The report shows 97 percent of Google Workspace users have authorized at least one third-party app to access their corporate Google account, potentially exposing data to third parties due to scopes like, 'View and manage the files in your Google Drive.'
Wider cloud issues are highlighted too. More than 35 percent of all workloads are exposed to the public internet within AWS, Azure, and GCP, with RDP servers -- a popular infiltration vector for attackers -- exposed in 8.3 percent of workloads.
Cloud-delivered malware is growing too has increased to an all-time high of 68 percent with cloud storage apps accounting for nearly 67 percent of that cloud malware delivery and malicious Office docs now accounting for 43 percent of all malware downloads.
The full July 2021 Netskope Cloud and Threat Report is available from the company's site.