Cloud security specialist CloudLock has released a new report looking at the risks of user behaviour to businesses using cloud systems.
It reaches the startling conclusion that just one per cent of users account for 75 per cent of the security risk. The top one per cent of users are responsible for 57 per cent of file ownership, 81 per cent of files shared, 73 per cent of excessively exposed files and 62 per cent of app installations.
Understanding the composition of this one per cent of users is crucial for security teams. Often it includes super-privileged users and software architects, as well as machine-based identities (such as applications with programmatic access) that grant access privileges and archive data.
A similar imbalance also shows in cloud-based collaboration. While organisations on average collaborate with 865 external parties, just 25 of these account for 75 per cent of cloud-based sharing. Also, 70 per cent of external file sharing occurs with non-corporate email addresses which security teams have little control over.
Risky installs are a problem too. Many cloud applications support integration with third-party applications, outside the network and undetectable via traditional security tools, such as proxy- or gateway-based solutions. These apps may be targeted by cybercriminals as entry points to organisations. CloudLock research reveals that 52,000 instances of applications are installed by highly privileged users - this represents a high risk given that privileged accounts are highly coveted by malicious cybercriminals.
"Cyber attacks today target your users - not your infrastructure. As technology leaders wake up to this new reality, security programs are being reengineered to focus where true risk lies: with the user," says CloudLock CEO and co-founder Gil Zimmermann. "The best defense is to know what typical user behavior looks like - and, more importantly, what it doesn't".
You can read more in the full report which is available to download from the CloudLock website.