<img src="//pixel.quantserve.com/pixel/p-_JKXxuL8SR7wu.gif?labels=_fp.event.Default" style="display: none;" border="0" height="1" width="1" alt="Quantcast">
blog-banner.jpg

Next-Gen CASB Blog

The Great Security Masquerade

By Annie Wang | January 5, 2015 at 1:06 PM

Screen_Shot_2015-01-05_at_11.34.05_AMYou are cordially invited to the Great Security Masquerade and I bet you didn’t even know it. With the adoption of the cloud, and BYOD cyber criminals are having a field day masquerading around in attempts to pilfer sensitive company data, post it on the black market for sale or hold up companies for ransom. Today, over 2/3 of companies utilize cloud applications and 60% allow BYOD in the workplace. Yet, there is still a lack of confidence in data security. In fact, only 18% IT professionals believe that their organization are ready for mobile security threats. 

Understanding how exactly these data marauders are attacking companies is the most important factor to consider. Once you’ve done this you can begin building/deploying security methods to help prevent your data from ending up in the wrong hands.

The Most Popular Masks: 

There are several ways that crooks are masking themselves. Here is a look at a few of them:

  1. The Trusted Device Mask  Cyber criminals infect a “Trusted” device with malware. Once that device re-enters the company network, the malware begins stealing data
  2. The Insider Mask – Outsider gains entry into an enterprise’s network and then begins accessing sensitive data is if they were an actual employee of the enterprise
  3. The Phishing Mask – Black hatter poses as a consultant or vendor in attempts to woo employees into giving up their employee credentials

How To RSVP – “H*ll No!” To the Party

The need for an adaptive/flexible security model has never been greater. If companies are going to move to the cloud, they cannot expect to have effective security based on a perimeter mentality. Today, the IT world has changed, it is perimeter-less and enterprises need to be open to using security solutions that were built with this in mind.

Data has to be protected in multiple places, more specifically, the very same avenues that it now travels through. These avenues include: the cloud (whether public or private), at the access point of cloud applications, on mobile devices in which employees are accessing data from and lastly, on the organization's network. Not securing these 4 areas would be like being a celebrity and having a personal bodyguard that doesn’t travel with you. Security must be present wherever your data is, and that means whenever and wherever your data is travelling.

Enterprises are aware that data is now more vulnerable then ever, but the lack of urgency that companies have when it comes to finding a solution is alarming. The “it will never happen to me” cop out just doesn’t cut it anymore. Data security IS an urgent matter. If you are part of the 82% of employees who do not believe their organization has enough security in place, speak out. Your voice could lead to the next “No” RSVP to The Great Security Masquerade. 

 

Chris Hines

Product Marketing Manager @Bitglass