Only 1% of employees represent 75% of security risk in the cloud, says a new report released by CloudLock CyberLab, the security intelligence arm of cloud security firm CloudLock. The report titled, The 1% Who Can Take Down Your Organization, focuses on the riskiest element in the cloud: user behavior. The report is based on analysis of 10 million users, 1 billion files, and over 91,000 applications, claims the company.
The research concludes that on an average, each organization goes through 4,000 instances of such a user publicly exposing files containing clear text passwords. Understanding the composition of this 1% of users is crucial for security teams, says the report. These users often include super-privileged users, software architects as well as machine-based identities (i.e., applications with programmatic access) that grant access privileges and archive data.
The study finds that no industry is isolated from this trend. The risk is most concentrated in finance with 1% users accounting for 80% of the risk while it is slightly lower in manufacturing at 75%.
While organizations on an average collaborate with 865 external parties, just 25, or less than 3% of these account for 75% of cloud-based sharing. Seventy percent of external file sharing occurs with non-corporate email addresses security teams have little control over, the report adds.
Many cloud applications support integration with third-party applications, outside the network and undetectable via traditional security tools, such as proxy- or gateway-based solutions. These apps are frequently targeted by cybercriminals as entry points to organizations. CloudLock research reveals that 52,000 instances of applications are installed by highly privileged users – a number that should be zero given privileged accounts are highly coveted by malicious cybercriminals.
The Risk of the Hyperactive
By involving the most active users in the security process, organizations can rapidly mitigate the majority of cybersecurity risk, recommends the report. It cites the example of one client of the company which managed to decrease public exposures by 62% in just one day by doing so.
This seems to be a logical conclusion from the data that the report throws. The report says that these hyperactive 1% users actually account for the lion’s share of all cloud activities. Some of them are as follows.
1% of users represent 62% of all app installs in the cloud.
1% of users are responsible for 57% of file ownership
1% of users are responsible for 81% of files shared
1% of users account for 73% of excessively exposed files
The report gives both warning and hope to the enterprise IT managers. Marking a very small base of hyperactive users is the way forward to dramatically reduce cloud risk.
