Connect with us

Tech

New Mcafee Report Reveals Data In The Cloud More Exposed Than Organizations Think

Avatar

Published

on

McAfee, the device to cloud cybersecurity company, released its Cloud Adoption and Risk Report, which analyzed billions of events in anonymized customers production cloud use to assess the current state of cloud deployments and to uncover risks.

The report revealed that nearly a quarter of the data in the cloud can be categorized as sensitive, putting an organization at risk if stolen or leaked. Coupled with the fact that sharing sensitive data in the cloud has increased 53 percent YoY, those who do not adopt a cloud strategy that includes data loss protection, configuration audits and collaboration controls, will endanger the security of their most valuable asset—data—while exposing themselves to increased risk of noncompliance with internal and external regulations.

The study found that while organizations aggressively use the public cloud to create new digital experiences for their customers, the average enterprise experiences more than 2,200 misconfiguration incidents per month in their infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) instances. Cloud service providers only cover the security of the cloud itself, not customer data or customer use of their infrastructure and platforms. Companies are always responsible for securing their data wherever it is, hence highlighting the need to deploy cloud security solutions that span the whole cloud spectrum, from SaaS (software-as-a-service) to IaaS and PaaS.

“Operating in the cloud has become the new normal for organizations, so much so that our employees do not think twice about storing and sharing sensitive data in the cloud,” said Rajiv Gupta, senior vice president of the Cloud Security Business, McAfee.  “Accidental sharing, collaboration errors in SaaS cloud services, configuration errors in IaaS/PaaS cloud services, and threats are all increasing. In order to continue to accelerate their business, organizations need a cloud-native and frictionless way to consistently protect their data and defend from threats across the spectrum of SaaS, IaaS and PaaS.”

Cloud Collaboration a Blessing and a Curse:

Cloud services bring a momentous opportunity to accelerate business through their ability to quickly scale, allowing businesses to be agile with their resources and provide new opportunities for collaboration. Cloud services like Box and productivity suites like Office 365 are used to increase the fluidity and effectiveness of collaboration. However, collaboration means sharing, and uncontrolled sharing can expose sensitive data. Findings demonstrate that:

  • Twenty-two percent of cloud users share files externally, up 21 percent YoY
  • Sharing sensitive data with an open, publicly accessible link, has increased by 23 percent YoY
  • Sensitive data sent to a personal email address also increased by 12 percent YoY

To secure sensitive data in cloud storage, file-sharing and collaboration applications, organizations must first understand which cloud services are in use, hold their sensitive data, and how that data is being shared and with whom. Once organizations have gained this visibility, they can then enforce appropriate security policies to prohibit highly sensitive data from being stored in unapproved cloud services and provide guardrails that prevent noncompliant sharing of sensitive data from approved cloud services, such as when data is shared with personal email addresses or through an open, public link.

IaaS and the Risks of Misconfiguration:

With SaaS, securing data, user identity and access to data is primarily the customer’s responsibility. With IaaS, customers take on a much larger share of security responsibility that includes data, identity, access, applications, network controls and host infrastructure. While this provides customers with an opportunity to have greater control over their cloud infrastructure, it also increases the organization’s surface area for security risks and their responsibility for the same. IaaS providers, like Amazon Web Services (AWS), provide several infrastructure and platform services, each having deep and complicated security settings. Magnifying the IaaS/PaaS security challenge is the fact that organizations use multiple IaaS/PaaS vendors running several instances of each vendor’s product. Our research found:

  • Ninety-four percent of IaaS/PaaS use is AWS, but 78 percent of organizations using IaaS/PaaS have both AWS and Azure
  • Enterprise organizations have an average of 14 misconfigured IaaS/PaaS instances running at one time, resulting in over 2,200 individual misconfiguration incidents per month
  • Five-and-a-half percent of AWS S3 buckets have world read permissions, making them open to the public

McAfee recommends that organizations continuously audit and monitor their AWS, Azure, Google Cloud Platform and other IaaS/PaaS configurations as a standard security practice, while protecting data stored in IaaS/PaaS platforms. IaaS/PaaS use is growing rapidly as an alternative to on-premises data centers. Businesses need to get ahead and address their security responsibilities—data protection and threat defense as they would for SaaS cloud services and also configuration compliance and workload protection for IaaS/PaaS cloud services—before they experience a security incident.

Compromised Accounts and Insider Threats:

Most of the threats to data in the cloud result from compromised accounts and insider threats. The average organization generates over 3.2 billion events per month in the cloud, of which 3,217 are anomalous behaviors and 31.3 are actual threat events. In addition:

  • Threat events in the cloud, such as a compromised account, privileged user, or insider threat, have increased 27.7 percent YoY
  • Eighty percent of all organizations experience at least one compromised account threat per month
  • Ninety-two percent of all organizations have stolen cloud credentials for sale on the Dark Web
  • Threats in Office 365 have grown by 63 percent YoY

To get ahead of comprised accounts and insider threats, organizations should understand how cloud services are used. They should also identify anomalous behavior, such as when the same user accesses the cloud from disparate locations simultaneously, which could indicate a compromised account threat.

As a first step towards protecting data in the cloud, cloud access security brokers (CASB) should be implemented. CASBs are cloud-native services that enforce security, compliance and governance policies for cloud services. They help organizations leverage and extend their existing security controls where appropriate and define and deploy new cloud-native ones where appropriate to enable enterprises to consistently protect their data and defend from threats across the spectrum of SaaS, IaaS and PaaS.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Tech

Dinesh Nair Appointed as Director for Consumer Business Lenovo India

NDM Network

Published

on

Global technology leader Lenovo has appointed Dinesh Nair as Director, Consumer Business for India region. Dinesh succeeds Mr. Shailendra Katyal, who has recently been appointed Site Leader for Lenovo India and Managing Director of Lenovo’s PC and smart device business in India. 

Dinesh Nair has been an integral part of the Lenovo India consumer business for more than 11 years and has worked successfully across several roles. His most recent role was as the sales & channel management lead for Lenovo’s consumer segment in India. He has handled leadership responsibilities across offline general trade retail, distribution management, field sales, eCommerce, large format retail and category management, and has been a key contributor to the company’s growth journey in India. 

“During this difficult time in India, we are working hard to ensure the safety of our employees, partners and customers and I am grateful that we have excellent leaders in place to bring our team together and offer this support. I am proud to hand over the reins of the consumer business to Dinesh. At the same time, this is a demonstration of our commitment to developing talent internally. I am sure he, along with the consumer leadership team, will propel the business to new heights,” said Shailendra Katyal, Managing Director, Lenovo India.

Continue Reading

Tech

ASUS ROG Announces ROG Masters Asia Pacific eSports Tournament

Avatar

Published

on

By

ASUS ROG will host its first ROG Masters Asia Pacific eSports tournament from March to April 2021. Due to COVID-19 pandemic affecting travel around the region, the tournament will be conducted entirely online, with quarterfinal to final matches livestreamed.

The ROG Masters tournament will feature Counter-Strike: Global Offensive (CS:GO) as the official game title will provide opportunity to teams with enthusiastic players to pitch their skills against each other, as well as the best professional teams from their market and in the region.

Tournament Structure

The tournament will see various teams from 15 markets across the region vying for the chance to be crowned as the first ROG Masters Asia Pacific Edition CS:GO Champion. 

The tournament will be played in three stages played over the course of 2 months:

  • Country qualifiers
  • Country finals
  • Asia Pacific finals

Country qualifiers matches for India will start in the second week of April 2021; 8th April and the finals to be held on the 10th April. The India finals to find the top three teams to represent the country will be livestreamed live on 10th April.

Professional teams from across the region will be automatically placed into seeded positions in the country finals. This gives a greater chance for non-professional, enthusiast teams from India to get through the qualifiers and meet the pro teams in the country finals. 

Country Champions will then go on to experience battling winning teams from other APAC markets in the finals that will be livestreamed during 22nd to 25th April 2021.

Prizes

3 qualifying teams from India finals will stand to win US$800 for first place, US$400 for second place, US$200 for third place. They will then go on to the Asia Pacific finals with the chance to win the following prizes for the championship:

ROG Masters APAC ChampionshipAPAC Finals (USD/ team)
1st$10,000
2nd$3,500
3rd$1,500

Registration and Official Tournament Website

Registration for the first ROG Masters Asia Pacific tournament opens on February 8, 2021 at the tournament’s official website.

Registration closes on February 28, 2021 Further details, match schedules, pro team information as well as rules and regulations can also be found on the tournament website.

Continue Reading

Tech

Garena Launches Free Fire South Asia Showdown: Battle of the Stars

Avatar

Published

on

By

Garena has announced the Free Fire South Asia Showdown: Battle of the Stars, Free Fire’s first-ever esports tournament for the South Asia region. Taking place on 6 February, the tournament will feature some of the gaming community’s favourite Free Fire streamers and personalities from India, Pakistan, Nepal, and Bangladesh.

The Free Fire community has continued to expand in South Asia and across the world, with the mobile battle royale game the most downloaded mobile game globally in 2020, according to App Annie. Through the Free Fire South Asia Showdown: Battle of the Stars, Garena will look to continue its efforts to excite and delight its fast-growing South Asian community with exciting Free Fire content, and to support and develop the incredible online community in the region.

Tournament Format

The Free Fire South Asia Showdown: Battle of the Stars will feature a total of 12 teams. Each team will be led by one of the top 3 streamers from each of the 4 participating nations – chosen by public voting – in this epic clash to determine the best in the region. 

The 12 teams will compete in the Battle Royale Squad mode for a slice of the 1 million diamond prize pool. The ultimate winner of this star-studded tournament will receive 500,000 in-game diamonds; the first and and second runners-up will be awarded 300,000 and 200,000 diamonds respectively. 

Invited Teams

The Free Fire South Asia Showdown: Battle of the Stars will feature some of the most popular streamers and personalities from across South Asia. 

The team captains for each nation are: 

India

  • Total Gaming (19.4 Million YT Subs)
  • Desi Gamers (7.8 Million YT Subs)
  • Two-Side Gamers (6.85 Million YT Subs)

Bangladesh

  • Gaming with Nayeem (1.6 Million YT Subs)
  • Illusionist YT (479K YT Subs)
  • Gaming With Zihad (698K YT Subs)

Nepal 

  • Sooneeta (3.26 Million YT Subs)
  • Bshow Mgr (399K YT Subs)
  • Tonde Gamer (2.37 Million YT Subs)

Pakistan

  • RKG ARMY (1.77 Million YT Subs)
  • Unusual Gamer (81K YT Subs)
  • The Skinzo FF (75.5K YT Subs)

Broadcast Details:

Fans can witness all the high-octane action by tuning in to the live broadcasts of the Free Fire South Asia Showdown: Battle of the Stars. These will be hosted on Free Fire Esports India YouTube and Facebook, Free Fire Bangladesh Official YouTube and Facebook, as well as on BOOYAH!. 

To cater to the diverse South Asian community, the matches will be streamed with live commentary in 5 languages – Bengali, English, Hindi, Nepali and Urdu.

Continue Reading

Best Buyer Guide

TV1 day ago

Check Out These Best Smart LED TVs Under 40,000

We consider TV as a source of ultimate entertainment for us. While you are working from home it has become...

TV3 weeks ago

Check Out These Top 5 TVs for Ultimate Gaming Experience

Innovation is said to be the key factor to success in this era of technology and the television industry has...

TV1 month ago

Top 5 TVs to Boost Your Home Entertainment

The Indian television business is in the midst of a major transformation. When compared to the past, watching television today...

Gadgets1 month ago

Top Tech Gifting Ideas for This Rakhi Under 2000

The precious bond between a brother and a sister is filled with a lot of emotions. Though the strong bond...

Trending1 month ago

Best Thin And Light Laptops For Work And Play

Today, PC brands are bringing high-end laptops to support the intense workloads. The consumers want performance oriented laptops that can...

Gadgets1 month ago

Improve Your Productivity with These Smart Gadgets

A highly motivated, engaged and self-sustained team or an individual is key to success for any project. Investing in the...

Smartphone2 months ago

Enjoy Up to 40% Discount on Popular Smartphones at Amazon Great Freedom Festival Sale

Have you been waiting to get your favorite smartphone? Or wondering to upgrade with the latest one with top-notch features?...

TV2 months ago

Check Out The Top 5 LED TVs Under 30,000

There’s a wide range of available options for smart TVs in the market. It becomes arduous to select one for...

Gadgets2 months ago

Best 5 Portable Projectors for Theatre-like Experience at Home

Today’s projectors do more than only display images and movies. So, whether you want to watch movies on the large...

Gadgets2 months ago

Best Tech Deals to Grab During Amazon Prime Day Sale

Amazon is set to bring the best offers on top tech gadgets for its Prime Day Sale. The sale will...

Advertisement

Trending