Modernizing Authentication — What It Takes to Transform Secure Access
According to the results of a recent Softchoice survey of 1,500 full-time employees in North America, 58 percent of respondents haven't been told the right way to download and use cloud apps.
Thirty-nine percent haven't been informed of the risks of downloading cloud apps without IT's knowledge, and 44 percent haven't been told how to transfer and store corporate data securely.
Thirty-one percent of millenial employees and 22 percent of baby boomers have downloaded cloud apps without letting IT know. Similarly, 23 percent of millenials and 13 percent of baby boomers have downloaded unsanctioned cloud apps even when IT offered an approved version.
Employees who use cloud-based apps are 10 times more likely to use an app they download themselves instead of one approved by IT.
The top reasons for not using IT-approved cloud apps, the survey found, are a poor user experience, not trusting that the app is secure, finding that the app isn't compatible with all devices, finding that the app lacks specific features needed for work, and finding that the app is too slow.
Security awareness isn't progressing as well as it needs to, the survey found -- one in five respondents keep passwords in plain sight, such as on a Post-It note; one in four manage passwords in a file that isn't password-protected; and one in five access work files from a device that isn't password-protected.
In general, cloud app users are twice as likely to keep passwords on Post-It notes, store passwords on an unprotected shared drive, manage passwords in an unprotected document, and access work files from an unprotected device than employees who don't use cloud-based apps.
"Most businesses have a stronger understanding of the cloud than they did two years ago, yet, barely anything has improved when it comes to better user behavior," Softchoice president and CEO David MacDonald said in a statement. "Risky behavior and data vulnerabilities are almost guaranteed to persist if organizations don’t provide training and direction on cybersecurity best practices for the apps, platforms and IT tools employees use on a daily basis."
The February 2016 Netskope Cloud Report found that 4.1 percent of enterprises have sanctioned cloud apps that are infected with malware, and employees use 917 different cloud apps in the average enterprise. "Employees are adopting cloud apps at an unprecedented rate, and organizations must prepare for the increasing security risks and challenges associated with the changing workplace," Netskope co-founder and CEO Sanjay Beri said in a statement.
Separately, a recent survey of 1,200 IT decision makers in Australia, Brazil, Canada, France, Germany, Spain, the U.K. and the U.S., found that only 13 percent of respondents completely trust public cloud providers to secure sensitive data.
The survey, conducted by Vanson Bourne for Intel Security, also found that 66 percent of respondents feel that senior IT management doesn't completely understand the risks of storing sensitive data in the cloud.
Twenty-three percent of respondents have already experienced cloud provider data losses or breaches, and 20 percent have reported unauthorized access to their data or services.
Still, 77 percent of organizations trust cloud services more now than they did a year ago, and 43 percent don't use encryption or anti-malware solutions in their private cloud servers.
"This is a new era for cloud providers," Raj Samani, chief technology officer for Intel Security EMEA, said in a statement. “We are at the tipping point of investment and adoption, expanding rapidly as trust in cloud computing and cloud providers grows."
"As we enter a phase of wide-scale adoption of cloud computing to support critical applications and services, the question of trust within the cloud becomes imperative," Samani added. "This will become integral into realizing the benefits that cloud computing can truly offer.”
Recent eSecurity Planet articles have offered five security tips for moving SharePoint to the cloud, and five ways to make the public cloud more secure.
Photo courtesy of Shutterstock.