User Review
( votes)In its research study, titled Enterprise supernova: The data dispersion, cloud adoption and risk report, McAfee highlighted the broad distribution of data across devices and the cloud.
“The force of the cloud is unstoppable, and the dispersion of data creates new opportunities for both growth and risk,” said Rajiv Gupta, senior vice-president of cloud security at McAfee.
“Security that is data-centric – creating a spectrum of controls from the device, through the web, into the cloud, and within the cloud – provides the opportunity to break the paradigm of yesterday’s network-centric protection that is not sufficient for today’s cloud-first needs.”
McAfee said the sprawling nature of high-risk cloud services was clearly driving new areas of risk. Just over half of companies were found to have used cloud services that had user data stolen in a breach.
It found that 79% of organisations stored sensitive data in public cloud environments, each approving an average of 41 different services, although thousands of others are being used on an ad hoc basis without any vetting by IT teams.
The prevalence of shadow clouds is expanding risk for businesses in many ways, said McAfee. For example, about 26% of files in the cloud were found to contain sensitive data, but 91% of cloud services providers do not encrypt data at rest, meaning it can’t be protected if the provider is breached.
Data travelling in between these diverse cloud providers also opens new paths to risk. As organisations collaborate more internally, the transfer of data within and between cloud providers is creating challenges for data protection. The report claimed 49% of files that enter a cloud service will eventually be shared, and that 10% of files in the cloud that contain sensitive data use a publicly accessible link to the file.