IT | Security

Employee Use of the Cloud Increases Risk of Data Breach

By: Absolute Editorial Team | 12/5/2014

A report out earlier this year by Ponemon for Netskope, “Data Breach: The Cloud Multiplier Effect,” examined the impact that cloud services have had on data breaches. The findings of the data are interesting, as they indicate that the use of cloud services, and thus mobile devices, increases the probabilities that organizations will face an expensive data breach.

As we already know, there is a symbiotic relationship between cloud and mobile. One of the main drivers for cloud computing is the need to sync data between multiple devices - desktops, mobile, laptops, tablets. Unfortunately, as Netskope’s Krishna notes, these multiple devices “increase the surface area of a potential breach.” In the case of this survey, those risks were limited to un-secured apps and the potential for data to “get out of control” as it is shared between apps, though the loss or theft of devices are also of concern.

This report, which surveyed 613 IT and security professionals, shows that the use of the cloud on mobile devices can be thought of as “multipliers,” or factors that increase the probability of a data breach. According to the survey, increased use of cloud services can increase the probability of a $20 million data breach by as much as 3.1 times. 

Other insights from the survey include:

  • 36% of business-critical applications are housed in the cloud, yet IT isn’t aware of nearly half of them
  • 30% of business information is stored in the cloud, yet 35% of it isn’t visible to IT
  • The probability of a data breach increases by 124% if the number of BYOD devices with access to cloud services increases by 50% over a 12-month period

Netskope-data-breach-cloud-multiplier-effect_01

According to Gartner, cloud computing will make up the bulk of new IT spending by 2016, moving toward a hybrid model of private and public cloud. RightScale’s survey indicates that 87% of organizations are currently using public cloud and 74% already have a hybrid cloud strategy. Fewer than a third of organizations have created a governance plan on security issues such as disaster recovery approaches and which clouds can be used.

While having a cloud strategy is important, so too is it important to look at your entire endpoint data security strategy. When it comes to securing the endpoints, and the data they contain, Absolute persistence technology provides a reliable connection to ensure compliance. Whether it’s monitoring or securing devices from a single console, creating custom alerts and policies, tracking (and removing) apps on devices, monitoring device security settings, applying strict security controls for data sharing, or managing BYOD programs, we have you covered. Learn more about Absolute Data Security here.