As adoption of cloud and mobile continues to rise, common employee practices inside and outside the workplace create risk for enterprises.
These increasing threats to corporate data were highlighted in a report released today from Bitglass, the data protection company.
1. Connecting to unsecured WiFi hotspots
With Wi-Fi hotspots set up in random public spaces, Bitglass was able to capture and analyse user traffic. In the 10-hour sample period, 20% of people connected to the unsecured hotspots.
Had a malicious hacker done the same, more data could easily have been captured. While public Wi-Fi is a known risk, the study demonstrates the frequency with which employees put data and credentials at risk.
One in five individuals connected to Bitglass’ unsecured Wi-Fi over the 10-hour sample period; a slightly longer time frame than a typical working day 21 people accessed enterprise cloud applications over the unsecured Wi-Fi hotspot, including Office 365, Salesforce, Adobe Marketing Cloud, ADP, Slack, and Asana – putting corporate data at risk.
At the same time, two connected devices navigated to known malware hosts, creating additional risk for data compromise
2. Over-sharing in cloud applications
Separately, the Bitglass team analysed the cloud applications of enterprise customers to uncover the volume of shared cloud data. These cloud applications, designed to enable sharing and collaboration, have become a major risk and one of the top drivers of enterprise data leakage.
>See also: Total connection: Singapore’s public Wi-Fi
It found that 51% of data stored in Google Drive is shared with individuals outside of the enterprise – significantly more than data in other apps, and roughly 19% of corporate data stored in Dropbox is publicly available.
In organisations with Office 365 deployed, 69.5% of OneDrive data is shared internally on average.
Rich Campagna, CEO at Bitglass, said: “Over the past several years, organisations have enabled employee mobility and collaboration by deploying cloud applications. While the productivity benefits of this move are clear, businesses must wake up to the fact that a risky login over an unprotected Wi-Fi hotspot or a single unauthorised share can subvert a company’s entire security investment.”