Poor IT Actions Threaten Cloud Security
Published: February 8, 2020 on our newsletter Security Fraud News & Alerts Newsletter.
A startling look at cloud services and the companies with risky cloud security practices was recently released by Symantec. Their 2019 Cloud Security Threat Report (CSTR) shines a light on ineffective approaches to security practices that put so many businesses at risk of a cloud security incident. The study shows just how precarious security is for the many companies unable to keep up with evolving cloud security needs. The report reveals many factors affecting cloud security, but chief among them is the inability of corporate tech services to provide adequate cloud security for their data.
73% of organizations using a cloud say they have experienced a security incident due to ineffective practices.
64% of security incidents occur at cloud level
25% of cloud security alerts get no response
93% of respondents are unable to keep in front of cloud workloads
83% believe they lack an effective approach to cloud security incidents
No use of multi-factor identity authentication
The CSTR shows keeping the bad guys out is a real problem. Many respondents feel unequipped and understaffed and struggle to keep up with everyday cloud security. As more and more businesses turn to cloud storage, the ongoing security issues increase, leaving greater opportunities for cybercriminals. One third of respondents say lack of visibility and control over clouds creates further risks. The complexity behind cloud security doesn’t help either, especially when a staff is overwhelmed to begin with. But the lack of multi-factor authentication (MFA) for those accessing the cloud is a basic security issue that any IT department should require. And not just for cloud use, as MFA should be required for any and all security risks, even as simple as logging in to an email account.
The CSTR points out that the future of business security lies with Zero Trust. It’s an old school approach that requires identity authentication from the outset. This ensures a level of trust for those accessing any type of network, cloud, or otherwise. Until that happens, reports like the CSTR will continue to find major flaws in the way companies provide cloud security.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org