A new study by Zscaler Threatlabz has found that many companies have not set up their cloud technologies correctly, potentially leaving themselves at risk of serious security vulnerabilities and cyberattacks.
The study analyzed over 260 billion daily transactions worldwide on the Zscaler platform, revealing some rather disturbing results.
Among the key findings were misconfigurations that put almost all businesses at risk, and failure to adopt fairly basic technology that greatly protects users.
Data exposure in the cloud
The number of organizations that have “disturbing” misconfigurations that cause “critical” threats to data and infrastructure is an alarming 98.6%. However, Zscaler stresses that these are merely misconfigurations and not vulnerabilities, meaning that with proper care and attention, risks can be drastically minimized.
We also found that 68% of companies have granted administrative privileges to external users, which increases the risk of data exfiltration and exploitation. While this is not a misconfiguration per se – as it is likely intentional – companies should carefully consider who needs higher permission levels.
The study also found that very few organizations apply basic protection in the form of multi-factor authentication (MFA) to privileged user accounts, meaning that a leaked or otherwise compromised password may be enough for a malicious user to gain access to sensitive information. company data. Information.
Moving away from misconfigurations, Zscaler noted the number of companies that blatantly fail to apply basic ransomware controls to cloud storage (accounting for 59.4%), which can be a cost-saving effort that puts them at serious risk.
Overall, it’s clear that almost any business can take basic steps to protect their data before resorting to expensive and more advanced tools.