Business cloud usage is growing and as such, pushes business data beyond the sphere of control.
This is according to a new report by cybersecurity company McAfee, the Enterprise Supernova: The Data Dispersion Cloud Adoption and Risk Report. This found that almost four fifths (79 per cent) of companies store sensitive data in the public cloud. While an average of 41 cloud services are approved by these companies, “thousands of others” are being used ad-hoc, without vetting, the report warns.
More than half of the companies surveyed for the report (52 per cent) said they use cloud services that have been breached by cybercriminals in the past. The report concludes that many organisations “leave themselves open to loss” of sensitive data, as well as to not being compliant with current laws and regulations.
“The dispersion of data creates new opportunities for both growth and risk,” said Rajiv Gupta, senior vice president, Cloud Security, McAfee.
“Security that is data-centric, creating a spectrum of controls from the device, through the web, into the cloud, and within the cloud provides the opportunity to break the paradigm of yesterday’s network-centric protection that is not sufficient for today’s cloud-first needs.”
According to the same source, shadow IT is still a huge risk for company cybersecurity, as a quarter (26 per cent) of files in the cloud contain sensitive data (a 23 per cent jump compared to the same period last year). More than nine in ten (91 per cent) of cloud services don’t encrypt resting data.