Enterprise users are rightly worried about security and data protection when utilizing workforce apps in public clouds like Google, AWS and Microsoft Azure, according to a new SANS survey on workforce transformation, which published on Dec. 18 during a live webcast. In the survey, workforce transformation was described as meeting the needs for employees to work anytime, anywhere, from any device.
Survey results show a couple of dichotomies. The biggest is that respondents see the cloud as their great enabler for workforce transformation, yet they also report that the cloud is their biggest risk.
Here are the stats: The majority (51%) of respondents reported that their top enabler for workforce transformation is the use of cloud-hosted infrastructures. Yet the majority (54%) also believed that infrastructure in the cloud poses a top challenge to security and visibility (while 46% cited that keeping up with rapidly evolving technology is a top challenge, and the two are intertwined).
Breaches Are Happening
Enterprises are right to be concerned. Of the 42% of our survey respondents who know they were breached through their cloud apps, 57% experienced information exposure, 51% found compromised accounts, 38% experienced loss of productivity and 38% reported unauthorized access.
Cloud servers are being breached more often, while breaches are growing in scale. And, based on attacks on cloud servers reported to date, breaches are succeeding because of errors introduced by the enterprises purchasing and setting up their workloads in cloud services.
A report released by the Cloud Security Alliance (during Black Hat in August) shows that user error accounts for most of the top 11 reasons that DDoS, ransomware and data loss attacks occur in cloud systems.
For example, vulnerabilities exploited in publicly reported breaches include setup errors in the AWS storage buckets, flawed firewall implementations, poor identity and access controls, insecure APIs and other misconfigurations.
Leverage the Cloud to Secure the Cloud
"We encourage organizations to build and maintain strong prevention, detection and response capabilities tailored to each operating environment," advises SANS analyst David Hazar, author of our new Workforce Transformation Survey.
Hazar also encourages organizations to leverage the shared responsibility models inherent in cloud and third-party services to reduce the overall IT, security and privacy burden, and allow internal staff to focus on the highest risk workloads.
For their part, the cloud services providers themselves (e.g., AWS, Azure, Google) are providing resources for visibility and control into their native apps, while also growing their number of partnerships with the top security vendors enterprises they already use for their on-prem systems.
And now another dichotomy: While our survey respondents believed security policies are most important for controlling their cloud risks, results showed that the tech (and humans) that support those policies are most effective. This includes:
- Vulnerability and patch management (40%)
- Centralized identity and access management (38%)
- Endpoint detection and response (32%)
- Other forms of monitoring (e.g., SIEM/CLM [26%], internal [18%] and external [26%] network monitoring, privileged access monitoring [24%])