Published: May 13, 2020 on our newsletter Security Fraud News & Alerts Newsletter.
It’s no secret that employees who don’t follow good cybersecurity practices are an ongoing danger to a company’s security. As Symantec’s Cloud Security Threat Report (CSTR) finds, employee missteps are a major threat to a company’s cloud security and the sensitive data it holds. It finds cloud security risks are increasing as more companies look to the service for data security. It’s a dangerous mix of employees failing to use basic cybersecurity measures, as well as those in charge of cloud security allowing it to happen. The CSTR shows how those poor practices add to the threat of already risky cloud storage.
With the CSTR showing 73% of organizations using a cloud have experienced a security incident due to ineffective practices, risky employee behavior is part of that result. Employees using personal accounts at work, including BYOD (Bring Your Own Device) policies, greatly increases the risk of unauthorized cloud access. The more devices exposing a network, the greater the need for cybersmart employees who can lower the risk of exposure to data breaches, malware, ransomware, and other threats.
85% of employees don’t use good security practices
37% use weak passwords
34% use poor password hygiene
36% use unauthorized cloud apps
35% connect with personal devices at work
With numbers like that, it’s no wonder cloud security is affected by risky employee practices. The need for cybersmart behavior is more important than ever since it affects cloud security. It starts with strong password use and multi-factor authentication (MFA) procedures to verify user identity. Unique, long passwords are necessary to keep the bad actors out and should be changed on a regular basis. Educating employees about the risks of email phishing and how to spot it goes a long way toward securing cloud access. Those in charge of cloud security need to work with employees by limiting personal devices and apps accessing the cloud. Employees should use VPN’s (Virtual Private Networks) on mobile devices, particularly when connecting to cloud services.
Making sure employees are educated about cybersecurity, and especially making sure they follow secure processes that are in place is an important part of keeping cloud use secure. Â
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at advisor@nadicent.com