Along with insider threats related to a potential “Great Resignation,” Netskope report covers increased cloud application security risks, from malware delivery to third party plugins
SANTA CLARA, Calif. – July 20, 2021 – Netskope, the SASE leader, today revealed new research showing the continued growth of malware delivered by cloud applications and also the potential for critical data exfiltration tied to employees departing their jobs, among a range of increasing cloud application security risks.
The findings are part of the July 2021 Netskope Cloud and Threat Report, the latest installment of Netskope Threat Labs’ biannual research analyzing critical trends in enterprise cloud service and app use, web and cloud-enabled threats, and cloud data migrations and transfers. As pandemic restrictions change, enterprises and their workers confront decisions on whether to stay home, return to the office, or change jobs. The July report found that some departing employees present disproportionately significant cloud security risks. In their last 30 days of employment, workers have been proven to be uploading three times more data than usual to personal cloud apps.
“Regardless of whether the so-called ‘Great Resignation’ is real or perceived, it’s a fact that employees leaving an organization pose an increasingly bigger insider security threat to organizations when they take company data with them,” said Ray Canzanese, Threat Research Director at Netskope. “That and other trends revealed in the research show that enterprises must rethink security based on the reality of cloud application use. They should favor a security architecture that provides context for apps, cloud services, and web user activity, and that applies zero trust controls to protect data wherever and however it’s accessed.”
Key Findings
Based on anonymized data collected from the Netskope Security Cloud platform across millions of users from January 1, 2021 through June 30, 2021, key findings of the report include:
– Employees attempt to exfiltrate significant amounts of work data before they depart their jobs. Some departing employees upload three times more data to personal apps in the last 30 days of employment. Google Drive and Microsoft OneDrive personal instances are the most popular targets.
– 97% of cloud apps used in the enterprise are shadow IT, unmanaged and often freely adopted.
– Third-party app plugins pose serious data risks. The report shows 97% of Google Workspace users have authorized at least one third-party app access to their corporate Google account potentially exposing data to third parties due to scopes like “View and manage the files in your Google Drive.”
– Uptick in cloud environments that are exposed to the public creates opportunities for attackers. More than 35% of all workloads are exposed to the public internet within AWS, Azure, and GCP, with RDP servers – a popular infiltration vector for attackers – exposed in 8.3% of workloads.
– Cloud-delivered malware is growing and reached an all time high. Cloud-delivered malware has increased to an all-time high of 68% with cloud storage apps accounting for nearly 67% of that cloud malware delivery and malicious Office docs now accounting for 43% of all malware downloads.
– A return to the office hasn’t quite started yet. Research indicates that 70% of users continue to work remotely as of the end of June 2021. At the beginning of the COVID-19 pandemic in March 2020, we saw a sudden and dramatic shift to remote work, from 30% of users working remotely before the pandemic to 70% working remotely soon after COVID-19 restrictions began to take hold.
The Netskope Cloud and Threat Report is produced by Netskope Threat Labs, a team composed of the industry’s foremost cloud threat and malware researchers who discover and analyze the latest cloud threats affecting enterprises.
Get the full Netskope Cloud and Threat Report here.
À propos de Netskope
Netskope, le leader du SASE, connecte directement de manière sûre et rapide les utilisateurs à Internet, à n'importe quelle application et à leur infrastructure, à partir de n'importe quel appareil, que ce soit hors ou dans le réseau. Avec des solutions CASB, SWG et ZTNA intégrées nativement dans une seule et même plateforme, Netskope Security Cloud fournit le contexte le plus granulaire, via une technologie brevetée, pour mettre en place un accès conditionnel et sensibiliser les utilisateurs, tout en appliquant les principes du Zero Trust à la protection des données et à la prévention des menaces, partout. Contrairement à d'autres qui imposent des compromis entre la sécurité et réseau, le cloud privé mondial de Netskope fournit des capacités de calcul complètes en périphérie.
Netskope propose une plateforme de sécurisation du cloud centrée sur les données, intelligente et aussi rapide que votre entreprise.Tout cela en permettant une bonne citoyenneté numérique et en offrant un faible TCO.