Netskope report reveals identity and access management top concern for I/PaaS deployments

Report reveals 71.5% of CIS Benchmark violations in AWS occur in the Identity and Access Management category.


Johannesburg, 14 Nov 2018
Read time 3min 30sec

Netskope, the leader in cloud security, today announced the release of the Autumn 2018 Netskope Cloud Report on enterprise cloud service usage and trends.

According to the report, which analysed the Center for Internet Security's Benchmarks for Amazon Web Services (AWS), 71.5 % of violations occur around identity and access management for AWS. Public cloud infrastructure services such as AWS have seen widespread adoption in enterprises, affirming the need for clear identity and access policies to be in place to ensure sensitive data is secure.

Several recent high-profile corporate breaches have been traced back to a misconfiguration of resources like S3 buckets, pointing to a weakness in many enterprise I/PaaS security strategies. While many organisations have controls around cloud services, such as multifactor authentication and single sign-on solutions, porting the same types of controls over to cloud infrastructure like AWS often goes overlooked. Organisations are exposing themselves to significant security risks, by not addressing these gaps.

Puleng Technologies is one of the leading providers of data security, identity and access management architectures in South Africa and a Netskope partner. "We recognise that identity governance enables and secures digital identities for all users, applications and data," said Muhammed Mayet, Head of Security at Puleng. "The ability to provide controls and policies that extend across hybrid environments ensures a robust governance and compliance framework for access to critical services and data, irrespective of where these critical assets reside."

According to the report findings, many of the IAM violations found involve instance rules, role-based access controls, and access to resources or password policy requirements, simple fixes that enterprises can easily address even without an external security solution.

"As organisations increasingly adopt a multi-cloud approach, IT teams must continuously assess the security of their public cloud infrastructure and be aware of the data moving in and out of those services," said Sanjay Beri, founder and CEO, Netskope. "Enterprises should consider using the same security profiles, policies and controls across all services, SaaS, IaaS, and Web, to reduce overhead and complexity as the use of cloud services scales."

Additional CIS Benchmark violations by category included Monitoring (19%), Networking (5.9%) and Logging (3.6%). In resource type violations, EC2 led the way at 66.2% of the violations, followed by CloudTrail (15.2%), S3 (10.9% ), IAM (4.5%) and other (3.2%). In severity, 86.3% of violations were of medium severity, 9.1% high, 4% critical and 0.6% low.

Consistent with previous reports, most DLP violations still occur across cloud storage services (54%) and Web mail (35.3%), followed by collaboration services (10.1%) and other (including cloud infrastructure) at 0.6%. Cloud infrastructure DLP policies are on the rise due to the increase in use of these services.

This quarter, the average number of cloud services per enterprise increased by 5.5% to 1 246, compared to 1 181 in the February 2018 report. The vast majority, 92.7% of these services, are not enterprise-ready (NER), earning a rating of "medium" or below in the Netskope Cloud Confidence Index (CCI).

Similar to the February 2018 report, HR and marketing services are the most highly used in organisations regarding average number, followed by collaboration services.

Service category

Average number of cloud services

% NER

HR

175

96%

Marketing

170

98%

Collaboration

110

83%

Finance/Accounting

76

94%

CRM

76

93%

IT Service/Application Management

31

93%

Cloud Storage

28

67%

Social

26

92%

Resources:

* Download the Netskope Cloud Report for more detailed analysis and to see the full list of the most widely used cloud services by enterprises.
* Learn more about how to gain visibility into enterprise cloud services and how to ensure they are secure and compliant.
* Visit the Netskope Hub for the latest commentary and insight on trends from the Netskope team.

Netskope

Netskope is the leader in cloud security. It helps the world's largest organisations take full advantage of the cloud and Web without sacrificing security. Its patented Cloud XD technology eliminates blind spots by going deeper than any other security provider to quickly target and control activities across thousands of cloud services and millions of Web sites. With full control through one cloud-native interface, Netskope's customers benefit from 360-degree data protection that guards data everywhere, and advanced threat protection that stops elusive attacks. Netskope calls this smart cloud security.

Puleng

Puleng Technologies is a proudly South African B-BBEE level two ICT solutions integration company with its roots firmly planted in building local expertise and providing its customers with "project success" linked to the solutions it designs and supports. The Puleng Blueprint provides its customers with a client-centric strategy to manage and secure the two most valuable assets an organisation has: its "data" and "users", while facilitating IT and business with a platform to build an efficient, collaborative governance, risk and compliance (GRC) programme to address IT risk-facing businesses.

Virtualisation and management teams. A converged infrastructure platform brings many benefits to its customers, but in essence, will simplify infrastructure management and operations, drive higher levels of data centre standardisation, flexibility and performance.

Editorial contacts
The Marketing Hub Khanyisa Sikhalela (087) 808 8500 khanyisa@marketighub.co.za