Business must do more to limit exposure of data in the cloud

February 2019 IT infrastructure, Cyber Security

Organisations should pay closer attention to security concerns associated with storing data in the cloud as configuration errors together with cloud threats pose a significant and ever-increasing risk to enterprise data, says Nompumelelo Mdima, McAfee Business Development Manager at Axiz Advanced Technologies.

Nompumelelo Mdima.
Nompumelelo Mdima.

“While cloud services offer business the advantages of scalability, business continuity, collaboration efficiency and flexibility of work practices, it is equally important to appreciate that data in the cloud is more exposed than many organisations realise,” notes Mdima.

According the most recent Cloud Adoption and Risk Report released by McAfee, nearly a quarter of the data in the cloud can be categorised as sensitive, putting an organisation at risk if it is stolen or leaked. The report also revealed that the sharing of sensitive data with an open, publicly accessible link, increased by 23% year-on-year. In addition, the average enterprise experiences more than 2200 misconfiguration incidents per month in their infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) instances.

Mdima says the data highlights the need for business to deploy cloud security solutions that span the entire cloud spectrum as cloud service providers only cover the security of the cloud itself, not customer data or customer use of their infrastructure and platforms. “It is imperative that business adopt a cloud strategy that includes data loss protection, configuration audits, and collaboration controls to properly protect their data. Not doing so also has consequences through noncompliance with internal and external regulations.”

Organisations need to first understand which cloud services are in use, which data is sensitive, and how it being stored and used as a first step to mitigating risk. “Armed with a clear and coherent overview, suitable security policies can be put in place to prohibit sensitive data from being stored in unapproved cloud services and guard against noncompliant sharing of data via email or through a publicly accessible link,” says Mdima.

The McAfee report, which analysed billions of events in anonymised cloud use, also found that most threats to data in the cloud result from compromised accounts and insider threats. “A sound security policy should also have protocols for identifying irregular behaviour, for instance when a user accesses the cloud from separate locations simultaneously, so that a comprised account can be dealt with immediately,” adds Mdima.

“In order accelerate their business, organisations should look to cloud-native and frictionless ways to defend against security threats. Proactively addressing security responsibilities before there’s an incident remains the best way mitigate risk and safeguard what is very often a company’s most valuable asset – its data.”


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

How far are we really at with artificial intelligence?
August 2019, Axis Communications SA , Editor's Choice, CCTV, Surveillance & Remote Monitoring, IT infrastructure, Residential Estate (Industry)
Justin Ludik unpacks exactly how far AI has come and what it potentially can do for society and more importantly, surveillance.

Inundated with cyberattacks from all directions
August 2019 , Editor's Choice, Cyber Security, Security Services & Risk Management
IT managers are inundated with cyberattacks coming from all directions and are struggling to keep up due to a lack of security expertise, budget and up-to-date technology.

Collaboration and tech key to safer, connected communities
August 2019 , Residential Estate (Industry), IT infrastructure
The advent of fibre-to-the-home has not only changed the way we work and play but has also heralded the launch of a number of advances for the security industry.

Patient critical – healthcare’s cybersecurity pulse
August 2019, Wolfpack Information Risk , News, Cyber Security, Healthcare (Industry)
The healthcare industry has become one of the leading cybersecurity attack vectors worldwide for several reasons.

Cyber tools and solutions
August 2019, Technews Publishing , Editor's Choice, Cyber Security, IT infrastructure, Residential Estate (Industry)
Hi-Tech Security Solutions looks at the various options we have when it comes to protecting yourself from the ever-growing scourge of cybercrime?

Going safely into the brave new world of 4IR
July 2019 , Industrial (Industry), Cyber Security
Put cybersecurity at the heart of industrial digitisation on the journey to 4IR.

Security solution for SD WAN
August 2019 , IT infrastructure
As thousands of African companies start to investigate and/or deploy SD WAN solutions, one consistent question arises: what are the security implications?

A one-size-fits-all approach won’t secure the IoT
August 2019 , News, Cyber Security
Securing the Internet of Things (IoT) is something which cannot be done with a one-size-fits-all approach, and every kind of connected object must be assessed individually.

Cloud advantage or cost?
August 2019 , Cyber Security, IT infrastructure
No matter how you look at it, security in the cloud is as important as security in traditional data centres.

AI-based malware detection
August 2019 , Perimeter Security, Alarms & Intruder Detection, Cyber Security
Check Point Software introduces Malware DNA, a new artificial intelligence-based malware detection engine to accelerate zero-day threat prevention.