In its latest cloud report, security expert Netskope reports that over 40 percent of cloud malware is known to – not “thought to” – deliver ransomware, and that more than half of malware-infected files are shared with others. Are your sanctioned apps “laced with malware”? Such findings again spotlight the need for more reliable and consistently effective approaches to cloud access and security.
The report covers trends from 1st April to 30th June 2016 and looks at usage “across millions of users in hundreds of accounts globally”. It revealed that 43.7% of cloud malware types made up “some of the most common delivery vehicles” for ransomware including Javascript exploits and droppers, Microsoft Office macros, Linux malware and PDF exploits. In terms of severity, 80.3% were identified as “High”. The report added, “Enterprises that found malware in cloud apps had an average of 26 pieces of malware.” However, “The figure ranged from one to hundreds, with one in ten enterprises actually having sanctioned apps laved with malware”. The second key finding was that 55.9% of cloud malware files discovered in sanctioned apps – with enterprises using, on average, 824 cloud apps compared to 777 last quarter - are being shared with internal users, external users or publicly.
In data loss, cloud storage remains “unsurprisingly” the top app category for DLP violations (76.5%) followed by webmail (18.6%). Worryingly, the majority of data loss prevention violations involved personally identifiable information (53.4%); protected health information made up 14.9%.
So, how can an enterprise deal with this landscape? There are always new opportunities to do more, and get your house in better order. We need to make sure our people are properly aware of the risks out there, and the threats we face. We need to make sure our operations and data are protected as fully as possible, and without impacting on operational efficiency. We need properly thought-out CASB policies and procedures, with the most robust tools, measures and processes in place to, for example, get a proper grip on managing sensitive data, to better govern and control activities like data upload and sharing within cloud apps – and to track activity across our wider IT and app ecosystem and so respond fast to any emerging issues.