>
New research from Zscaler Threatlabz has found that many companies have not properly set up their cloud technologies, potentially exposing themselves to serious vulnerabilities and the risk of cyber-attacks.
The research analyzed more than 260 billion daily transactions worldwide on Zscaler’s platform, revealing quite disturbing results.
Some of the key findings included misconfigurations that had put nearly all businesses at risk, as well as the lack of adoption of a fairly basic technology that goes a long way in protecting users.
Exposure to data in the cloud
The number of organizations having “disturbing” misconfigurations that create “critical” risks to data and infrastructure is an alarming 98.6%. However, Zscaler emphasizes that these are just misconfigurations and not vulnerabilities, meaning that with proper care and attention, the risk can be drastically minimized.
It also found that 68% of companies had given remote users administrative privileges, increasing the risk of data exfiltration and exploits. While this isn’t a misconfiguration per se – as it’s probably intentional – companies should carefully consider who needs higher levels of permissions.
The research also found that very few organizations are implementing basic protection in the form of multi-factor authentication (MFA) for privileged user accounts, meaning that a leaked or otherwise disclosed password could be all a malicious user needs to gain access to sensitive business accounts. information.
Moving away from misconfigurations, Zscaler highlighted the number of companies blatantly failing to apply basic ransomware controls to cloud storage (59.4%), which could be a cost-cutting effort that puts them at serious risk.
Overall, it’s clear that almost any business can take basic steps to protect its data before having to look to expensive and more sophisticated tools.