According to a new report, 98.6 percent of organizations have misconfigurations in their cloud environments that can pose a critical risk to data and infrastructure.
Done by Zscaler according to research cloud configuration errors related to public access to storage, account permissions, password storage and management, and more led to the exposure of billions of data. Compounding the problem is that 55.1 percent of organizations use more than one cloud provider, and 66.7 percent of organizations have public cloud storage.
There are also problems with access to systems. Privileged user access without multifactor authentication results in compromised accounts in 97.1 percent of organizations. With approximately 25 percent of intrusions initiated by phishing attacks and the sophistication of such scams becoming increasingly difficult to detect, it is critical for organizations to increase access control.
These risks also extend to the supply chain. 68 percent of organizations have external user administrator rights to their cloud environment. For external identities, including managing contractors and integrations, 75.4 percent of organizations with AWS accounts do not apply strict access controls to limit the permissions and activities these admin/superuser-level accounts can perform.
In addition, 59.4 percent of organizations do not implement basic blackmail controls for cloud storage, such as MFA deletion and versioning. Meanwhile, 17.4 percent of organizations run workloads on vulnerable virtual machine compute instances exposed to the Internet, which can lead to critical data breaches.
The Zscaler blog reports more about the report.
Hardware, software, tests, interesting and colorful news from the world of IT by clicking here!