71.5% of CIS Benchmark Violations in AWS Occur in Identity and Access Management Category
LOS ALTOS, Calif. – Oct. 25, 2018 – Netskope, the leader in cloud security, today announced the release of the October 2018 Netskope Cloud Report™ on enterprise cloud service usage and trends. According to the report, which analyzed the Center for Internet Security’s Benchmarks for Amazon Web Services (AWS), 71.5 percent of violations occur around Identity and Access Management for AWS. Public cloud infrastructure services like AWS have seen widespread adoption in enterprises, affirming the need for clear identity and access policies in place to ensure sensitive data is secure.
Insecure IAM Exposes Enterprises to Risks
Several major recent high profile corporate breaches have been traced back to a misconfiguration of resources like S3 buckets, pointing to a major weakness in many enterprise I/PaaS security strategies. While many organizations have controls around cloud services such as multi-factor authentication and single sign-on solutions, porting the same types of controls over to cloud infrastructure like AWS often goes overlooked. Organizations are exposing themselves to significant security risks without addressing these gaps.
According to the report findings, many of the IAM violations found involve instance rules, role-based access controls, and access to resources or password policy requirements — simple fixes that enterprises can easily address even without an external security solution.
Additional CIS Benchmark violations by category included Monitoring (19 percent), Networking (5.9 percent) and Logging (3.6 percent). In resource type violations, EC2 led the way at 66.2 percent of the violations, followed by CloudTrail (15.2 percent), S3 (10.9 percent), IAM (4.5 percent) and other (3.2 percent). In severity, 86.3 percent of violations were of medium severity, 9.1 percent high, 4 percent critical and 0.6 percent low.
Cloud DLP Violations on the Rise
Consistent with previous reports, most DLP violations still occur across cloud storage services (54 percent) and webmail (35.3 percent), followed by collaboration services (10.1 percent) and other (including cloud infrastructure) at 0.6 percent. Cloud infrastructure DLP policies are on the rise due to the increase in use of these services.
In DLP violations by activity, uploads made up the majority with 55.3 percent, followed by downloads (32.4 percent), send (11.2 percent) and other (1.1 percent). The report also looked at I/PaaS DLP violations as a separate category to understand the areas and activities in which security teams are focusing their DLP policies. Similar to the entire category, download and upload were the major activities with violations with 64.1 percent and 35.7 percent, respectively.
“As organizations increasingly adopt a multi-cloud approach, IT teams must continuously assess the security of their public cloud infrastructure and be aware of the data moving in and out of those services,” said Sanjay Beri, founder and CEO, Netskope. “Enterprises should consider using the same security profiles, policies and controls across all services — SaaS, IaaS, and web — in order to reduce overhead and complexity as the use of cloud services scales.”
Average Cloud Services Per Enterprise by Category
This quarter, the average number of cloud services per enterprise increased by 5.5 percent to 1,246, compared to 1,181 in the February 2018 report. The vast majority, 92.7 percent of these services, are not enterprise-ready (NER), earning a rating of “medium” or below in the Netskope Cloud Confidence IndexTM (CCI).
Similar to the February 2018 report, HR and marketing services are the most highly used in organizations in terms of average number, followed by collaboration services.
|Service Category||Average Number of Cloud Services||% NER|
|IT Service/Application Management||31||93%|
Netskope is the leader in cloud security. We help the world’s largest organizations take full advantage of the cloud and web without sacrificing security. Our patented Cloud XD technology eliminates blind spots by going deeper than any other security provider to quickly target and control activities across thousands of cloud services and millions of websites. With full control through one cloud-native interface, our customers benefit from 360-degree data protection that guards data everywhere and advanced threat protection that stops elusive attacks. At Netskope, we call this smart cloud security.