SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Cloud Security
#
Cloud Services
#
DLP
Data leakage concerns dominate cloud security perceptions - Bitglass report
Thu, 26th Nov 2020
FYI, this story is more than a year old
By Staff Writer
Follow us

How secure is the public cloud? That's what many IT and security professionals are asking as data leakage becomes a pressing concern for organisations and their data protection strategies.

The Bitglass 2020 Cloud Security report revealed that 93% of surveyed IT and security professionals were ‘moderately to extremely concerned' about public cloud security, and many are struggling to get their heads around it.

According to the report, 45% of respondents believe that public cloud apps and software as a service (SaaS) provide similar levels of security to on-premise applications, while 27% believe cloud apps are less secure, and 28% believe they are more secure.

66% of respondents name data leakage as their top cloud security concern, while 63% name data privacy as a major concern, followed by accidental credential exposure (43%),  legal and regulatory compliance (42%), and incident response (42%).

Bitglass implied that one solution could be cloud data loss prevention (DLP) tools, however, a mere 31% actually use such tools.

Tools commonly deployed include access control (68%), antivirus, anti-malware and advanced threat protection (54%), multifactor authentication (47%), data encryption (45%) and firewalls or network access control (44%).

Other issues stem from the lack of ability to maintain visibility into the following areas: cross-app anomalous activity (81%), access to unmanaged apps (66%), external sharing (55%), DLP policy violations (50%), file uploads (50%), file downloads (45%), and user logins (28%).

“This does not bode well for the average enterprise's cloud security posture. Additionally, 81% of companies cannot identify cross-application anomalous activity, something which will continue to grow in importance as organisations increasingly expand their cloud footprints,” the report states.

While 82% of respondents acknowledge that legacy tools aren't the best choice for cloud environments, 79% say it would be helpful to use a consolidated security platform.

“To address modern cloud security needs, organisations should leverage multi-faceted security platforms that are capable of providing comprehensive and consistent security for any interaction between any device, app, web destination, on-premises resource, or infrastructure,” explains Bitglass CTO Anurag Kahol.

The report suggests that security platforms should provide:

  • Identity management capabilities like single sign-on and multifactor authentication that can verify users' identities anywhere
  • Data loss prevention functionality designed to prevent leakage across the cloud, the web, and on premises 
  • Advanced threat protection that leverages behaviour-based protections to scan for threats at upload, at download, and at rest 
  • An agentless option for securing personal devices that respects end-user privacy while enforcing granular, intelligent protections.
     
Related stories
IBM strengthens cyber resilience alliance with Cohesity
Swann announces AI-driven voice assistant for home security
Cado Security teams up with Wiz to bolster cloud security solutions
Survey finds half of businesses planning to adopt AI
Commvault appoints Ashley Baird as new VP & MD of Market Expansion
Top stories
Check Point boosts email security with new AI-powered features
SentinelOne makes it to CRN's inaugural AI 100 list
Upwind fortifies Cloud Security Platform with identity security
Singapore firms suffer downtime due to fibre network disruption
Genetec unveils Security Center SaaS for cloud & hybrid deployments