If you believe internal attacks are caused only by malicious insiders, think again. According to a Ponemon Institute report from 2022, employee negligence is responsible for 56% of insider threats, and its annual average cost is a whopping $6.6 million. While insider threats are nothing new, cloud adoption has increased the cost of employee negligence, since employees are more likely to lose control when switching between numerous personal and corporate cloud applications daily. In 2020, 17% of data breaches were caused by employee error, double the previous year's figure, according to Verizon. In a nutshell, unintentional exposure of enterprise data is rising with cloud app adoption.
Negligence leading to insider incidents can happen for two reasons: prioritizing convenience over compliance, and not keeping personal accounts and devices protected with the best security measures.
Here are three scenarios that might sound relatable:
These examples could be common practices in many organizations. Consider an employee's personal cloud account or device being compromised due to misconfigured settings, weak passwords, or phishing. This could expose sensitive enterprise data to bad actors. The security analyst must identify malicious insiders while minimizing false positives. Gaining visibility into cloud app usage and user behaviors will help mitigate such security concerns.
Transparency: Educate employees on security policies so they understand the repercussions of their careless actions, and are more careful while using cloud apps. Also encourage openness, so employees share any incidents or errors committed, and the IT admins become aware of how employees use cloud apps.
Technology: Have in place a cloud security gateway with data loss prevention (DLP) capabilities that acts as a policy enforcement point between users and cloud apps. Cloud access security brokers (CASBs), for instance, can discover shadow applications and monitor user activity. This can go a long way in helping admins by giving contextual information about the uploaded file, such as file name, type, and size.
No business can completely eliminate employee errors. However, transparency with the right technology is vital. Employees require leeway to use different cloud apps for productivity gains and, at the same time, security analysts need sufficient oversight to monitor the use of these apps to ensure security. It is imperative to achieve a perfect balance between the two.
© 2021 Zoho Corporation Pvt. Ltd. All rights reserved.