CloudLock: 1% of End Users Represent Disproportionate Security Risk

Image Attribution: Flickr

CloudLock CyberLab has just released a new report detailing how 1% of end users are directly responsible for 75% of the overall security risks associated with cloud computing. These results were compiled in a CloudLock’s 3rd quarter cybersecurity report.
The report focuses on one of the weakest links in your cloud computing security scheme: the end user. CloudLock compiled data from over 10m users, which accumulated over 1 billion files that spanned across 90,000+ different applications.
Within these findings, CloudLock details some pretty alarming facts. For example, CloudLock found that clear text passwords existed within files and folders in almost every organization that it polled. CloudLock reports that it was finding on average, 4,000 instances per organization where a password was stored in a clear text manner.
CloudLock goes on to define this risky 1% of users as being end users that have tremendous privileges on your network such as developers, service accounts and super privileged end users. Within CloudLock’s report, it goes on to say that 52,000 “Risky” cloud app installs were detected to be installed by privileged users. CloudLock followed up saying that this number should be zero, given the fact that these accounts are essentially the keys to the kingdom.
“Cyber attacks today target your users – not your infrastructure. As technology leaders wake up to this new reality, security programs are being reengineered to focus where true risk lies: with the user,” claims CloudLock CEO Gil Zimmermann.
“The best defense is to know what typical user behavior looks like – and, more importantly, what it doesn’t,” adds Zimmermann.
CloudLock says that the best way to reduce risk to identify risky users and engage them within the security process. CloudLock mentions that with one of its clients, it reduced cybersecurity risks by 62% in one day.