Data breach announcements surface daily. No business seems to be immune -- from the Chili's restaurant disclosure to the massive Equifax breach. All types of data leaks are becoming more and more frequent -- including many cases involving Amazon Web Services user error.
It makes me wonder: Can the growing number of breaches possibly be linked to the careless attitude many people have towards security on their newly adopted cloud platforms?
Bitglass, a company with a stake in the cloud security game, recently released a 2018 Cloud Adoption Report -- its fourth such study, which examines cloud adoption in more than 135,000 organizations around the globe. According to the company, the report corroborates what is now broadly apparent – the flexibility, productivity and cost savings benefits of cloud apps have fueled widespread adoption in every industry. However, the report also found that the adoption of cloud security technologies lags behind cloud adoption.
The report states that 81 percent of organizations globally are now using cloud apps. Only 25 percent of organizations have adopted single sign-on (SSO), which is typically the first, most basic cloud security technology implemented, according to Bitglass. SSO combined with multi-factor authentication lowers the risk of phishing and password hacks.
Key Findings from the report include:
- In terms of organization size, large enterprises use SSO more than two times as often as small businesses (44.1 percent compared to 17.9 percent). By industry, education is the leading adopter of SSO at 40.3 percent, while retail (15.9 percent) has one of the lowest SSO adoption rates, which could explain why restaurants like Chili's and retail giants like Target have become targets (excuse the pun) for attacks on customer data.
- Office 365 usage surpassed G Suite usage in 2016 and has proceeded to stretch its lead since then. Currently, Microsoft’s offering boasts more than twice as many deployments as Google’s. While G Suite usage has remained steady at 25 percent, Office 365 usage has grown from 34.3 percent in 2016 to 56.3 percent.
- Amazon Web Services (AWS) has emerged as the go-to infrastructure as a service (IaaS) solution. Eight percent of companies worldwide are using AWS with the technology industry leading the way at 21.5 percent adoption.
- In just a few short years, Slack has risen to become one of the most widely adopted cloud applications in the enterprise, in use at a staggering 42.9 percent of enterprises.
Why aren't companies concerned?
If these numbers are correct that means almost a fourth of all the organizations that have adopted cloud services and infrastructure are not using security best practices. In an effort to not be the next data breach headline, you would think more folks would be concerned about the security of their data.
Perhaps many of these companies feel safe simply by leveraging basic security built into Slack, Office 365 or Salesforce. That's an "out of sight, out of mind" mentality. When depend on third parties to manage their back-end data, they seem to defer to those parties to manage the associated security. That's a mistake.