Employees inside and outside the workplace continue to generate increased cyber risks for all types of enterprises, new research found.
To uncover the risks posed by users’ data-related habits in the cloud and mobile environments, security firm, Bitglass, tested real-world scenarios.
They looked at frequency of connections to unsecured Wi-Fi hotspots, rate of external sharing in cloud applications, and the volume of corporate credentials already exposed.
With Wi-Fi hotspots set up in random public spaces, researchers captured and analyzed user traffic.
In the 10-hour sample period, one-in-five people connected to the unsecured hotspots. Had a malicious hacker done the same, more data could easily have been captured.
While public Wi-Fi is a known risk, the study demonstrates the frequency with which employees put data and credentials at risk.
Highlights of what Bitglass found include:
• One in five individuals connected to Bitglass’ unsecured Wi-Fi over the 10-hour sample period; a slightly longer time frame than a typical work day.
• 21 people accessed enterprise cloud applications over the unsecured Wi-Fi hotspot, including Office 365, Salesforce, Adobe Marketing Cloud, ADP, Slack, and Asana – putting corporate data at risk.
• Two connected devices navigated to known malware hosts, creating additional risk for data compromise.
Bitglass also found cloud applications from its enterprise customers to uncover the volume of shared cloud data.
These cloud applications, designed to enable sharing and collaboration, have become a major risk and one of the top drivers of enterprise data leakage.
• 51 percent of data stored in Google Drive is shared with individuals outside of the enterprise – significantly more than data in other apps.
• 19 percent of corporate data stored in Dropbox is publicly available.
• In organizations with Office 365 deployed, 69.5 percent of OneDrive data is shared internally on average.