The Insider Threat already lives in the cloud. Right now, IT lacks visibility into the data being used in the cloud. A recent survey revealed that that “shadow data” is a major threat. This unmanaged data, stored in the cloud, is broadly shared among employees and external parties. Another report indicated that only 49% of organizations know when and where sensitive data is being downloaded from the cloud.
Storing files in the cloud is common practice for backing up or sharing files with co-workers. These files may include intellectual property, confidential business information, usernames, passwords, or highly regulated information such as healthcare, personal, or financial details.
Users who place critical data in cloud-sync apps like Dropbox, Google Drive, or Box are essentially just as much of a threat as those placing that data in a regular folder on their devices. But the potential risk of a security breach is much higher. Data stored in the cloud can inadvertently travel further and faster. With just one errant link, anyone can access unprotected sensitive data synced in the cloud: no phishing, no malware, and no cyberattack required. For an organization governed by stringent compliance regulations, this is a perfect storm.
New Whitepaper on Cloud Data Risk
In our new whitepaper, At-Risk Data in the Cloud: 3 Strategies to Stop the Data Bleed, we look at how true visibility can unmask the threat of the cloud. We talk about:
- Why drives employees to the cloud
- The mistakes made by different kinds of employees, either seeking productivity, through naive actions or maliciously
- The importance of education
- The benefits to routine scans of devices
- How to combat malicious insiders
- The importance of “light-speed” response
In many cases, total lack of visibility from IT’s standpoint becomes a roadblock to combat the insider threat. If you’re able to run routine endpoints scans on cloud-sync application folders you can detect the existence of sensitive data. This will give you actionable insight into threats and allow you to take preventative action or remediate threats before they continue.
With Absolute DDS, we bring you the power of awareness. Only Absolute Data & Device Security (DDS) is capable of scanning devices for sensitive pieces of information and encrypting or erasing data off the company network, so you can respond quickly.
Download the full whitepaper to learn more about how to stop the data bleed in the cloud.