7 in 10 of companies hosting data in the public cloud experienced a security incident

A recent survey conducted by IT experts found that 70% of companies who used popular cloud storage companies like Amazon and Google were hacked or had important data leaked; usually because of basic security blunders by the storage companies.

In one concerning and surprising data point, it was revealed that 98% of the companies did not enable multi-factor authentication on cloud accounts that held enormous amounts of sensitive data. This is extremely shocking considering that enabling multi-factor authorization is a basic step that even consumers use to protect their data. A senior security expert said that most hackers do not even bother attacking accounts that are protected by multi-factor authentication. This one step removes a major part of security vulnerabilities. Sophos, a private IT company that specializes in online security and hardware development for encryption, conducted an anonymous survey on three thousand five hundred and twenty-one IT managers who are currently hosting workloads and data using one of the mentioned cloud storage providers: Azure, Oracle Cloud, AWS, VMware Cloud on AWS, and Alibaba Cloud. Sophos did not involve itself in the selection of respondents and all of the respondents’ identities were kept anonymous. The survey was conducted in the first two months of the current year.

Cloud computing which allows users to remotely access, view, and edit information stored digitally, has seen a rise in usage since the Coronavirus pandemic. The sudden change of office workspaces to online workspaces may mean that certain essential security steps have been overlooked. This a harbinger of bad things to come. This form of carelessness is not something multi-million dollar corporates can afford and they must be certain that their data is secured.

Cloud providers like Microsoft Azure, Amazon Web Services, and Google Cloud are notorious for leaving the security settings entirely in the hands of the user; inability to correctly configure these settings may have dire consequences. Providers must make sure that their software is easy to set up and intuitive. Although it is the users' responsibility to carefully go through and study the security settings and implement them.

After countless complaints by users and companies, a few providers are starting to ensure that no data is uploaded to the cloud without the necessary security measures being implemented. For example, Azure now makes it fairly hard to connect cloud data to the internet without implementing security measures.

The easiest way that users can ensure that their data is secured is by enabling multi-factor authorization which although may sound intimidating is an extremely easy process to apply and is well worth the minimal trouble that users have to go through to enable it.

Read next: A Survey Provides an Overview of Working from Home and Cybersecurity during the COVID-19 Pandemic
Previous Post Next Post