CloudSphere recently released a new report that revealed that 32% of enterprises experienced unauthorized access to cloud resources, and another 19% were unaware if unauthorized access occurred. The report also looked at other aspects of cloud access across teams and cloud misconfigurations.
We sat down with CloudSphere’s Technical Evangelist Keith Neilson for a Q&A to discuss critical cloud security challenges and what these latest insights from the report mean for the industry.
Why is unauthorized access such an issue across organizations? What makes it a risk?
Securing multi-cloud service offerings is an extremely complex undertaking that requires an advanced understanding and strategy to properly safeguard. Gartner predicts that customers will be at fault for 99% of cloud security failures through 2025. This points to a general lack of understanding of security and access control measures. As a result, cloud misconfigurations that go unrepaired, combined with human error, can leave security gaps vulnerable to unauthorized access.
Over two-thirds of companies report that tens of thousands of records flow through their respective cloud security solutions each month. With stolen data costing $146 per record on average, organizations are risking hundreds of millions of dollars if a cyberattack or breach occurs. Most instances often go undetected due to poor security visibility, structuring and implementation, making compromised resources like expired or removed passwords continuously exposed to threat actors.
Where does unauthorized access come from?
Our survey revealed a lack of visibility when it comes to unauthorized or misplaced cloud resource access. Most commonly, unauthorized access occurs from current or former employees and external, malicious agents. 58% of respondents said its employees, 40% said ex-employees and 38% said external entities such as bots and hackers. This once again points to the need to increase visibility in cloud security environments as it’s not abundantly clear who or what groups have authorized access within cloud environments.
Organizations need to take the time to determine proper permissions to improve decision-making capabilities and operational insight, providing enhanced visibility across an entire multicloud environment.
How can organizations lower or eliminate their unauthorized access security risk?
Organizations need to create and enforce identity and access management (IAM) governance policies that ensure data stays secure. Strictly designing and limiting permissions to a highly selective number of users and machines will delegate controls to those who absolutely need it, eliminating unintentional access to past or unrelated employees. Closely reviewing security configurations to establish timely alerts is also a major priority. Receiving real-time updates to password changes, expirations and other vulnerable resources mitigates ongoing risks. Implementing these initiatives and dedicating the time to better understand your security architecture improve the security team’s overall functionality and thwart unauthorized access.