Cloud Security Report
+ Full Text
2019 Cloud Security Report
As organizations migrate more and more of their data and operations to the cloud, they must ensure that they maintain a robust cybersecurity posture. However, frequent breaches in the news seem to suggest that many companies are not prioritizing security to the degree that they should. To uncover the state of enterprise security in the cloud, Bitglass partnered with a leading cybersecurity community and surveyed IT professionals.
Awesome Mix 2019 Organizations’ leading cloud priorities have shifted over the past year. While defending against malware has ascended to the top spot, discovering unmanaged apps in use has fallen to number six. Despite a change in their order, the top three priorities from 2018 are each still in the top three in 2019. Finally, it is concerning that securing mobile devices isn’t a higher priority in light of recent Bitglass research which found that 85% of companies now enable bring your own device (BYOD).
1 . l o v x i m e m o s e w A 2018
use n i s p p ance i jor a l a p m m o g c rin latory ware u
- Secu g e r ching st mal pps a n e i R a e . g r 2 a a malwa ending unmanaged t f s e e n d c i a n . 3 ering ing ag omplia v c d o vices n ions c y e t e s r i d a f o d r e t . u l a i 4 g l .1 D e i b u ing mo oud misconf g reg n use rations r i n i u c s h e c p s p a l 5.
- Re ting c ajor a misconfigu n m e v g e n i r r d
- Secu nting clou vices ve de
- pre ing mobile d apps e g a r n u c a
- se g unm n i r e ov
Security in the Skies 67% of respondents believe cloud apps are as secure or more secure than on-premises apps—this is significantly higher than the 40% recorded in 2015. Despite this, 93% of respondents are at least moderately concerned about the security of the cloud. In other words, organizations know the cloud itself is highly safe, but are wrestling with their responsibility to use it securely.
How concerned are you about the security of the cloud: 3%
When compared to on-prem apps, public cloud apps are:
Slightly Concerned Moderately Concerned Very Concerned Extremely Concerned
A Galaxy in Need of Saving Organizations are moving workloads and data into the cloud, granting them greater productivity and flexibility, but increasing the likelihood of data leakage where proper security is not employed. As 45% of respondents store customer data in the cloud, 42% store employee data in the cloud, and 24% store intellectual property in the cloud, adopting the appropriate security measures is clearly critical.
What type of corporate data do you store in the cloud?
80 70 60
n io at
a at ua ct
ar M &
ev D le Sa
a at O
at oy pl Em
Weapons Systems Access control (52%) and anti-malware (46%) are the most-used cloud security capabilities. However, these and others—like single sign-on (26%) and data loss prevention (20%)—are still not deployed often enough. Additionally, as 66% of respondents said that traditional security tools don’t work or have limited functionality in the cloud, adopting appropriate cloud security solutions becomes even more critical. Fortunately, cloud access security brokers (CASBs) can provide many of these essential capabilities.
What security capabilities have you deployed in the cloud? 60 50
em re Th al
n an M g Lo
en ev Pr
c ifi ec
nt oi dp
n gn -
AC le ng Si
tr on An
C ss ce Ac
Knowhere Your Data is Going Despite a slight increase since last year, a mere 20% of organizations have visibility over cross-app anomalous behavior. This is a critical requirement as only 25% of survey respondents are “single cloud” today. Unfortunately, corporate visibility over every other category decreased since 2018. This may be due to the growing number of cloud apps and personal devices over which IT struggles to gain visibility. While the high percentage of organizations that have visibility into user logins (69%) suggests that the first step of cloud security (identity management) has been taken, many organizations still lack visibility and control over what happens after authentication.
What do you have visibility into in the cloud? 2019
2018 User Logins
DLP Policy Violations
38% 35% 20% 60%
Shadow IT Usage
Cross-App Anomalous Behavior
Holes in the Hull Since 2018, malware has emerged as the most concerning data leakage vector; it was selected by 27% of respondents. Conversely, unsanctioned cloud apps falling from 12% to 5% shows that organizations are becoming aware that there are data leakage threats greater than shadow IT. Concerns about app infrastructure fell from 21% in 2018 to 9% in 2019. At the same time, misconfigurations ascended from the middle of the pack (12%) to third place (20%). These stats highlight the growing awareness that the cloud itself is highly secure, but that organizations must use it in a safe fashion.
Which data leakage vector is most concerning for your organization? 2019 2018 27% 21%
Unsanctioned Cloud Apps
App Infrastructure Vulnerabilities
Defenses at the Ready Successfully defending against malware requires organizations to utilize a three-pronged strategy that encompasses devices (endpoint protection), the corporate network (secure web gateways), and the cloud. While a few cloud apps provide some built-in malware protections, most do not. As such, a combination of tools is necessary. Fortunately the use of CASBs for malware protection has increased from 20% in 2018 to 31% today. The use of agents to secure personal devices (which violates employee privacy and creates deployment challenges), decreased from 38% in 2018 to 30% in 2019. Blocking personal device access to corporate data (which hinders employee efficiency and flexibility), increased from 21% to 27%.
What anti-malware tools does your firm use to secure cloud data? 69%
Native App Protections
Cloud Access Security Brokers
Secure Web Gateways
How does your firm secure corporate cloud data on personal devices? 6% 10% 30%
Other Third-Party ATP Solutions
None of the Above 0
Agent-Based Tools Like MDM Block Personal Device Access to Data Use a Trusted Devices Model Grant Access to Any Device Apply DLP at Upload or Download
Tools for Saving the Galaxy Interestingly, cost is the leading concern for organizations evaluating cloud security providers. Other critical concerns include ease of deployment (46%), whether the solution is cloud native (45%), the ease with which cross-cloud security policies can be enforced (36%), and the solution’s ability to integrate with various cloud platforms (36%).
What do you look for in a cloud security provider? 55%
Ease of Deployment
Simple Cross-Cloud Policy Enforcement
Integration with Cloud Platforms 0
Wrap-Up Maintaining a robust cybersecurity posture is crucial in today’s fast-paced world. Data is now being stored in more cloud apps and accessed by more devices than ever before. While some enterprises are prioritizing cloud security, many still need to rethink their approach to protecting data. Fortunately, there are cloud security solutions that can make the task incredibly simple.
About Bitglass Bitglass, the Next-Gen CASB company, is based in Silicon Valley with offices worldwide. The company’s cloud Phone: (408) 337-0190
security solutions deliver zero-day, agentless, data and threat protection for any app, any device, anywhere.
Bitglass is backed by Tier 1 investors and was founded in 2013 by a team of industry veterans with a proven
track record of innovation and execution.