Bitglass released its 2020 Cloud Security Report that analyzed organizations’ preparedness in using the cloud. The Cloud Security Alliance member partnered with a leading cybersecurity community to interview IT and security professionals about the state of cloud security in their organizations.
The report found low adoption rates of specialized security capabilities and high use of inappropriate tools.
For example, most cloud users said they depended on endpoint protection (65%) or cloud-native threat protection mechanisms (57%), which were ill-suited for protecting data in the cloud.
Key findings of Bitglass cloud security report
Almost all (93%) respondents were “moderately” to “extremely” concerned about cloud security.
However, 73% of the respondents also believed that cloud apps were more secure (28%) or equally secure (45%) as on-premises apps. Only about 1 in 4 or 27% of the respondents felt that cloud-based apps were less secure.
The results showed that although organizations believed that cloud environments were inherently safer, they were struggling to adopt sound cloud security practices.
Cloud architectures affect business security and continuity
Most respondents (82%) recognized that network security tools provided limited protection in a cloud environment.
However, 94% of the respondents pointed out that cloud architectures affected performance, scalability, and uptime “moderately” to “extremely.” The three issues affected business security and continuity.
Organizations were advised to adopt cloud security strategies that avoid legacy approaches because platforms architected in the public cloud are better compared to those deployed in vendors’ private networks or data centers.
Data leakage and prevention mechanisms
Two-thirds (66%) of the respondents cited data leakage as their biggest cloud security concern. Respondents feared that data breaches could lead to privacy violations, regulatory compliance requirements violation issues, and unauthorized access to corporate systems and sensitive data.
Despite data leakage being the most significant cloud security issue, the adoption of data loss prevention (DLP) measures was surprisingly low, with less than a third (31%) of the respondents having such measures in place.
The most widely used data protection measures were access control and the use of anti-viruses, which were adopted by 68 and 54% of the respondents, respectively.
Surprisingly, specialized cloud security capabilities were underutilized. Only 37% of organizations having single sign-on capabilities, multifactor authentication (MFA), 47%, and cloud access security brokers, 29%, implemented.
Contrarily, organizations were still using inappropriate tools such as firewalls (44%), network encryption (36%), and network monitoring (26%) to protect cloud data and infrastructure from online security threats.
The researchers recommended that organizations should adopt the specialized cloud security capabilities instead of on-premises tools or the “limited native controls built into cloud resources like SaaS apps” to store data securely in the cloud.
Corporate data and user activity visibility still a major challenge
The survey found that most organizations could not maintain visibility over corporate data and user activity. Such organizations lacked the means to track and log activities on the cloud.
Most organizations (81%) could not identify cross-application anomalous activity, while 66% could not track access to unmanaged apps. This exposes the organizations to the risk of data loss or access by rogue cloud apps.
Roughly half of the organizations could not maintain visibility into file downloads (45%), file uploads (50%), Data Loss Prevention (DLP) policy violations (50%), and external sharing (55%) of corporate data in the cloud. Worse still, 28% of the organizations could not maintain visibility over user logins.
Managing cloud-based security solutions
Most respondents (83%) indicated that they had “at least 3” security solution dashboards. Close to half (48%) had between “3 and 4,” while 10% had “9 or more” security dashboards to manage.
Managing disparate cloud security solutions was an issue for 79% of the respondents who noted that independently configuring them was challenging.
Consequently, they recommended a single security platform with a single dashboard to provide comprehensive security across their cloud platforms.
To ease management challenges, cloud customers cloud also opt for a private cloud, where they could independently manage their cloud services without the limitations of the public cloud.
Cloud data breaches are very prominent during the coronavirus pandemic. Most of the data leaks originated from misconfigured clouds, which could be the result of an oversight by IT and security teams. Having many dashboards to manage leads to confusion and forgetfulness, which compromises the security of the organization.
Having a single dashboard could help reduce the number of data breaches originating from simple easy-to-fix mistakes arising from users’ oversight and confusion.
