Skyhigh Networks adds threat protection and data loss prevention capabilities to the cloud  

As more corporate data is stored in the cloud, security incidents are no longer isolated to PCs and applications on the network

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  

Every time I read the quarterly Cloud Adoption & Risk Report published by Skyhigh Networks, I come across some tidbit of information that truly surprises me. What is it in the Q4 2016 report that has me so astounded? Consider this: Fewer than half (42%) of cloud providers explicitly specify that customers own the data they upload to the service. The rest of the providers either claim ownership over all data uploaded, or don’t refer to data ownership at all in their terms and conditions, leaving it open to controversy if service is discontinued.

If that isn’t bad enough, it gets worse. The report reveals that only 8.6% of some 20,000 cloud service providers that Skyhigh investigated encrypt data at rest. Of those providers that do encrypt data, fewer than 1% do so with customer-managed encryption leys. What’s more, only 8.7% of cloud-based application providers commit to not share data with third parties such as marketers and advertising companies. Said another way, 91.4% of providers do not encrypt data at rest and 91.3% might possibly share customer data with third parties.

Granted, these statistics probably don’t apply to the prominent enterprise cloud apps that companies use extensively; i.e., Microsoft Office 365 and the Google G Suites of the world. However, Skyhigh says that the average company now uses more than 1,400 cloud-based applications – both enterprise-grade and consumer-grade – and it’s likely that many of those applications do bear the type of risk described above.

Skyhigh further notes that 18.1% of files uploaded to cloud-based file sharing and collaboration services contain sensitive data. This includes: confidential information such as financial records and source code; personally identifiable information (PII); protected health information (PHI); payment information; and other types of sensitive information that could put an organization at risk if breached.

These statistics aren’t mere estimates; Skyhigh Networks generates them based on actual cloud usage of more than 30 million anonymized users worldwide. This demonstrates the need for additional security measures to protect data organizations are putting in the cloud. This is typically what Cloud Access Security Brokers (CASBs) do.

Skyhigh was among the first entrants in the CASB market, and today it is one of two companies recognized by Forrester Research as a market leader. In addition to being feature-rich, Skyhigh continues to push the market by adding new CASB services.

There are two areas in particular that are getting a lot of interest, the company says: threat protection and data loss prevention. These mechanisms have long been available behind the enterprise firewall, but as more corporate data is stored in the cloud, security incidents are no longer isolated to PCs and applications on the network.

According to the Skyhigh risk report, the number of cloud-related threats has reached an all-time high. The average number of monthly incidents per organization reached 23.2—nearly a 20% increase since this time last year. In terms of threat protection, Skyhigh focuses on malware protection and user behavior analytics (UBA) to identify insider threats and compromised accounts.

A recent incident involving the gaming company Zynga illustrates the need for UBA on cloud services. Zynga is suing two former employees for theft of intellectual property just prior to resigning from Zynga to take positions at a rival company. Forensic evidence shows that one employee accessed a Zynga-owned Google Drive account from which he downloaded ten folders which he had permission to access. He copied nine of those folders to an external USB device that was then disconnected from the network. This is not considered normal behavior for this user. Being able to flag and/or stop that kind of activity at the time that it’s happening is just as important in the cloud as it is on a company-owned network, and user behavior analytics can help to detect events like this.

A common use of cloud apps is for collaboration and file sharing. While these applications can make people more productive, they also present risk to the organization if an employee – accidently or intentionally – shares sensitive data with a third party external to the organization. Say the employee puts data in a folder that has external collaborators who should not have access to the file. Data loss prevention technology can help detect such activity and ensure that data is protected regardless of where it resides.

Four years ago companies didn’t know what cloud applications their employees were using. Now there is a lack of understanding of what type of data is being stored in those cloud services. This is critically important because once a company has that type of insight, it can develop policies to make sure that if someone is downloading the data, or sharing the files inappropriately, or doing any number of other risky activities, the company can be notified. This is the next phase on the journey to the cloud.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT