Julia White, Microsoft’s Corporate Vice President of Azure and Security, disclosed the figure in a blog post this week. Discussing Microsoft’s “multi-faceted” approach to cloud security, White suggested “data protection cannot be left to employees to manage.”
As digital transformation takes hold of workplaces, growing numbers of SaaS services and web-based tools are seeing use. Problems can arise if these platforms aren’t vetted properly by IT. An insecure external server could leak company data to the wider Internet, creating a dangerous situation with far more problems than the benefits offered by cloud agility.
Even when platforms are secured, ensuring employees use just the ones approved is a challenge. With the majority of people still using unapproved apps on work devices, either inadvertently or out of lack of awareness, Microsoft said IT managers should be vigilant and cognisant of the risks.
READ NEXT: Deloitte suffered silent data breach it took six months to find
Monitoring tools can help tech teams to assess the apps being used inside an organisation. Employees can then be informed of the dangers and assisted in migrating to an approved service. Alternatively, if the app stands in good repute, it could be worthwhile adding it to the whitelist. In either case, taking action puts IT a step further towards regaining control of the workplace.
The largest cause of enterprise security breaches continues to be weak or stolen passwords. Compromising an employee’s user account gives attackers an inside look into the company’s digital presence. If a large, all-inclusive cloud platform is breached, a single stolen password could grant access to a diverse range of resources including emails, documents, private contact details and customer data.
To combat this risk, Microsoft advised conditional access be implemented. This AI-powered security technique uses a combination of “risk factors” to assess in real-time whether a user should be given access to a resource. It avoids the issue of a user account being given permanent permissions that could give an attacker unfettered access to the cloud.
READ NEXT: Microsoft announces new AI tools for digital transformation
If an account is compromised, the AI-powered conditional access mechanisms should detect the login as irregular and block access to any sensitive material. Attributes including physical location, device identity and regular user patterns can count as risk factors. If any attribute flags an alert, such as a location checker noticing a New York-based user just tried to authenticate from San Francisco, the login can be suspended until an administrator approves access. These kinds of capabilities are built into Microsoft’s Azure cloud services.
“The vast majority of security breaches continue to trace back to weak or stolen passwords. Because it’s proving to work, attackers are increasing their focus on stealing passwords to access corporate systems,” White said. “The latest Microsoft Security Intelligence Report shows a 300 percent increase in user account attacks. To address this growing issue, it is essential to focus on securing identities and access. Our cloud-based approach is through broadly implemented conditional access.”
Digital transformation brings a broad range of benefits to enterprises. However, transformation strategies should be implemented while remaining mindful of cybersecurity realities. Even the most complex security plan could be thwarted if an employee brings a compromised personal device to work or visits an unapproved website during their lunch break. Eliminating this kind of risk isn’t viable in the long-term, so proactive solutions based on automation should be adopted for better protection.
