For most companies, blocking a cloud service such as Netflix is a no brainer, as it saps both bandwidth and productivity.
However, IT administrators need to think differently about cloud services to better secure their company and its data, Rajiv Gupta, co-founder and chief executive of cloud security firm Skyhigh Networks, told eWEEK.
In a study released last week, the company found that customers are more likely to block popular safe services than more risky services that could compromise security or cause data leaks.
“Companies are taking yesterday’s approach to blocking,” Gupta said. “IT is still taking a productivity and bandwidth based approach rather than risk-based approach to what they need to block.”
As a greater variety of cloud services appear, companies need a more risk-based strategy to determine which services employees can use, he said. With workers using an average of more than 500 different cloud services, the task is not an easy one.
Moreover, if employees are not educated about the reasons why certain services are blocked nor given alternatives, they will adapt as well, Gupta said. In one instance, a company blocked backup service Carbonite for fear that data would be leaked or exfiltrated using the service. Soon after, an employee started using another service known as Elephant Backup instead. Skyhigh rates Elephant as risky.
“What you find is that our IT organisation is so in the dark about what is risky that they are making the wrong decisions,” Gupta said.
Two big categories that are considered high risk are tracking services and development services, according to the report. Typical web tracking services, such as KISSmetrics and AddThis, do not deliver any value to a company but can offer attackers enough insight into employee habits to help target waterhole attacks. Such attacks find websites visited by company employees, attempt to compromise the sites and then deliver malicious code to employees through the sites.
Development services can be used as a way of exfiltrating data or as an infection vector. Even social media sites can be used to communicate data outside the company firewall, according to Gupta. One customer found a user who sent out a million tweets in a day, but in reality, their compromised systems was exporting data 140 characters at a time via the tweets.
“This is all about shedding light on shadow IT,” he said.
Are you a security pro? Try our quiz!
Originally published on eWeek.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…