The 1% Who Put the Entire Organization at Risk
A new study investigates the ways a small number of employees can unwittingly, for the most part, jeopardize the security integrity of an organization.
1% of users are responsible for 57% of file ownership, 81% of files shared, 73% of excessively exposed files, and 62% of app installations.
The composition of the 1% of users includes super-privileged users, software architects and machine-based identities that grant access privileges and archival data.
Digital assets in the cloud are owned disproportionately; the top 1% of users own 57% of these assets in the top 5% are responsible for 81% of these assets.
Here’s the breakout of risk, calculated as a function of users’ volume of usage, potentially risky behaviors and violations of corporate security policy: Top 1% of users create 75% of risk, Top 5% of users create 90% of risk, Remaining 95% of users account for 10% of risk
The majority of company assets exposed to everyone in the company and the public are created by just 5% of all users. In some cases users are malicious, but most are unaware that they are over-sharing company assets.
Documents become public unintentionally by “inheritance:” A drag and drop into a public folder, A collaborator makes their folder public without informing the rest of the team, A compromised third-party application changes the access control list of assets
70% of cloud-based sharing occurs with personal, non-corporate domains, signaling significant personal email stockpiling.
Third-party applications exchange data with other cloud apps, including corporate, sanctioned applications. They often allow editing, deleting, and copying and externalize information. Cyber criminals frequently target these apps as entry points into the organization.
1% of users are responsible for 62% of app installations. There are 91,000 unique third-party applications. On average, organizations have 540 unique third-party cloud applications, up from 130 in 2014.
Consider these risk remediation strategies: Focus on the riskiest subset of users, Focus security on organizations with which you collaborate the most, When checking third-party applications, check enforcement capabilities, policy-driven app control and end-user education, Correlate insight across cloud environments