Is your data at risk?
Cloud services bring a momentous opportunity to accelerate business through their ability to quickly scale, allow us to be agile with our resources, and provide new opportunities for collaboration. As we all take advantage of the cloud, there’s one thing we can’t forget—our data. Even when using a SaaS service we are still responsible for the security of our data in the service and need to ensure it is only accessed appropriately. When using an IaaS/PaaS service, we additionally are responsible for the security of our workloads in the service and need to ensure that we are configuring the underlying application and infrastructure components appropriately.
To better understand organizational cloud usage, McAfee publishes a Cloud Adoption & Risk Report. What makes our report unique is that we base our findings on actual usage data for over 30 million users worldwide, across over 600 enterprises who use MVISION Cloud.
21% of files in cloud contain sensitive data
The use of cloud services is growing and critical to this growth is the understanding that data, and most importantly sensitive data, now lives in the cloud and must be protected. The percentage of files that contain sensitive data continues to grow, standing at 21% and having increased 17% over the past two years. Below is the break down of the types of sensitive data in the cloud.
8% of shared files contain sensitive data
There are two categories of sharing that should immediately raise red flags: sharing with personal email addresses, and sharing via generating an open link that anyone can access. The latter case can lead to uncontrollable sprawl of your data to completely unknown individuals and organizations. The chart to the right gives a break down of the recipients of shared files.
Did You Know?
- 48% of all files in the cloud are eventually shared
- 22% of users share files in the cloud
- The average enterprise generates over 2 billion events per months in the cloud
- The average enterprise uses 1,935 different cloud services
- 18.1% of cloud services support multi-factor authentication
- 80% of all organizations experience at least 1 compromised account threat per month
Multi-IaaS Strategy Is the Standard
Today, 65% of organizations around the world use some form of IaaS, 52% for PaaS. When we look at usage worldwide, AWS absolutely leads the pack with 94% of all access events. However, 78% of organizations are currently using both AWS and Azure together, typically as an official multi-cloud strategy.
Cloud Threats Continue to Grow
Security incidents are no longer isolated to PCs and applications on the network, owed primarily to the scale of corporate data stored in the cloud today as well as the sheer number of events taking place in the cloud. The average organization experiences 31.3 cloud-related security incidents each month, a 27.7% increase over same period last year.
Nearly All Organizations Experience Threats
From our anonymized dataset we can see that 80.3% of organizations experience at least one compromised account threat per month, 94.3% experience at least one insider threat per month, and 58.2% experience at least one privileged user threat. Additionally, 92% of companies have cloud credentials for sale on the Dark Web.