Sensitive data is exposed in over 30 percent of cloud assets

No Comments

New analysis of more than 13 billion files stored in public cloud environments reveals that more than 30 percent of cloud data assets contain sensitive information.

The study by Dig Security shows personal identifiable information (PII) is the most common sensitive data type that organizations save. In a sample data set of a billion records, more than 10 million social security numbers were found -- the sixth most common type of sensitive information -- followed by almost three million credit card numbers, the seventh most common type.

"Many organizations handle sensitive customer and corporate data too casually. Our goal in developing the State of Cloud Data Security 2023 Report is to drive awareness over how users engage with sensitive data in today’s working environments, and expose corresponding risks," says Dan Benjamin, CEO and co-founder of Dig Security. "To protect data wherever it lives, modern enterprises must build a comprehensive data security stack, including a Data Security Posture Management (DSPM) solution with real-time Data Detection and Response (DDR) capabilities."

Perhaps more worrying than the data being stored is that 91 percent of database services with sensitive data were not encrypted at rest, 20 percent had logging disabled, and 1.6 percent were open to the public. More than 60 percent of storage services were not encrypted at rest, and almost 70 percent were not logged.

In addition users frequently have admin and consumer privileges unnecessarily. More than 35 percent of principals have some privilege to sensitive data assets. Almost 10 percent have admin access, and almost 20 percent have consumer access to a sensitive asset.

Sensitive data, on average, is accessed by 14 different principals, and six percent of companies have sensitive data that has been transferred to publicly open assets. Compounding the issue is the frequent flow of data across geolocations. Over 56 percent of sensitive data assets are accessed from multiple geographic locations, and 26 percent are accessed from five or more.

The full report is available from the Dig Security site.

Image credit: VitalikRadko/depositphotos.com

No Comments

Comments are closed.

Got News? Contact Us

Recent Headlines

TUXEDO Stellaris 17 (Gen6): A high-performance portable Linux workstation

New solution helps companies prepare for 90-day TLS standard

Get 'Enterprise Transformation to AI and the Metaverse' (worth $59.99) for FREE

Best Windows apps this week

All you wanted to know about passkeys but were afraid to ask

Microsoft tells users 'if you want to fix 0x80070643 errors, you'll have to do it yourself'

Identity and permissions present a major security challenge

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.1

75 Comments

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

23 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

21 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

18 Comments

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

17 Comments

EndeavourOS ARM discontinued: A huge loss for the Linux community

9 Comments

Microsoft is actively blocking Windows 11 tweaking tools

8 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.