Study: 15 Per Cent of Business Cloud Users Have Been Hacked

An anonymous reader writes Recent research has identified that only one in ten cloud apps are secure enough for enterprise use. According to a report from cloud experts Netskope, organizations are employing an average of over 600 business cloud apps, despite the majority of software posing a high risk of data leak. The company showed that 15% of logins for business apps used by organizations had been breached by hackers. Over 20% of businesses in the Netskope cloud actively used more than 1,000 cloud apps, and over 8% of files in corporate-sanctioned cloud storage apps were in violation of DLP policies, source code, and other policies surrounding confidential and sensitive data. Google Drive, Facebook, Youtube, Twitter and Gmail were among the apps investigated in the Netskope research.

Achilles heel of the cloud apps....

[erp_consultant]

I've been around long enough to see things comes and go. The current flavor of the month is "cloud". Cloud this, cloud that. Even the behemoths of the ERP world - Oracle and SAP - are making an aggressive push to "the cloud". Companies like Workday and Salesforce are growing at a tremendous rate.

It all seems very appealing. Say goodbye to multi year implementations and increasingly difficult and costly upgrades. Rent it by the seat rather than making large capital outlays. Fully object oriented design. Open standards vs. proprietary tools. Lots of great benefits.

But.....

As Willie Sutton once famously stated when asked why he robbed banks..."because that's where the money is". The data of your company, and other companies in the typical "multi-tenant" configuration is all in the one place. The bad guys know this. They will target these data centers to be sure.

You are essentially taking your data from an environment you can control (largely) to one you cannot. That is a huge leap of faith.

I expect that it is only a matter time before there will be a massive data breach for hosted cloud apps. We're not talking about someone's email account or twitter account. We're talking about an entire database full of SSN's and other personal information getting stolen. Everyone in your company and possibly customer and partner data as well. I don't want to be the one holding that press conference.

Re:Achilles heel of the cloud apps....

[afidel]

Control is an illusion, if the folks at RSA can be spearfished and have their most valuable assets stolen basically anyone can. People are fallible and the bad guys only need one successful attack while the good guys need to defend perfectly. We run a relatively tight shop, no local admin, patches up to date, AV/Antispam on the email gateways, AV and Antimalware on the desktop, IDS/IPS in the firewall with additional IDS by spanning the vlans going to our firewall and the server vlan. What we've found is that we still end up with ~1% of our clients managing to get some kind of infection or infection attempt per month (the attempts are generally where an exploit of some kind succeeded but the payload was stopped by one of the defense layers from actually becoming persistent on the client).

As far as the point from the article, we're moving to have as many of our cloud apps as possible use our SAML repository for authentication so that we can treat it as much as possible like an extension of our general security stance with password attempt monitoring, rate throttling and attack blocking, user lockout, etc. It doesn't help if the service itself is breached, but it at least stops the more casual authorized user leaks that seem to be one of the more common failures identified.

Re:Encryption . . . anyone ?

[Shados]

If a big part of the service is actually manipulating your data (email, database, charts, data analysis, etc...), then it needs to get decrypted somewhere at some point. The data can be intercepted then.