© 2019 SourceMedia. All rights reserved.

Data vulnerability in the cloud greater than most organizations realize

Organizations were recently warned that the increased popularity of cloud computing puts data at greater security risk. But it turns out that data in the cloud is more exposed to risk than organizations think.

That is hte finding of a new report from cyber security company McAfee. The company’s Cloud Adoption and Risk Report, which analyzed billions of events in customers’ production cloud use to assess the current state of cloud deployments and to uncover risks, showed that nearly one quarter of the data in the cloud can be categorized as sensitive. This puts organizations at risk if the data is stolen or leaked.

cloud vulnerability.jpg
Network switch and UTP ethernet cables

As part of the research, McAfee analyzed aggregated, anonymized cloud usage data for more than 30 million McAfee MVISION Cloud users worldwide at companies across multiple industries. Additional contextual data was sourced from the company’s 2018 survey of 1,400 security professionals in 11 countries, all using public or private cloud services.

The sharing of sensitive data in the cloud has increased 53 percent compared with the previous year, the study said, and those organizations that do not adopt a cloud strategy that includes data loss protection, configuration audits and collaboration controls, will endanger the security of their data while exposing themselves to increased risk of noncompliance with internal and external regulations.

The study found that while organizations aggressively use the public cloud to create new digital experiences for customers, the average enterprise experiences more than 2,200 misconfiguration incidents per month in their infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) instances.

Cloud service providers only cover the security of the cloud itself, not customer data or customer use of their infrastructure and platforms, the report noted. Companies are always responsible for securing their data wherever it is, which highlights the need to deploy cloud security tools that span the entire cloud spectrum.

For reprint and licensing requests for this article, click here.