Bitglass: Compromised credentials are just one way your corporate data is being exposed
A guest blog from Bitglass, read the original at https://www.bitglass.com/blog/datawatch-beware-of-careless-insiders
Every day, employees around the world use the cloud to perform their jobs. With bring your own device (BYOD), workers are given dynamic data access to complete their work from unmanaged devices, remote locations, and unsafe WiFi. Due to the host of modern cloud applications, corporate information can be stored in more places and shared more widely than ever. Together, these trends of BYOD, remote data access, and widespread sharing put enterprise data in jeopardy.
In its recent study, “Datawatch,” Bitglass explored the ways in which sensitive information can be put at risk by careless employee behavior, and conducted experiments to gain insight into how easily corporate data can leak.
Unsecured Public WiFi
Many individuals see free public WiFi as a helpful avenue for internet access and completing work. However, such networks are typically unsecured and can allow mischievous parties to steal login credentials and other sensitive information. To uncover how easily this kind of theft can occur, Bitglass provided free public WiFi at random Bay Area locations to determine how many people would connect and what domains they would visit once online.
Sharing and Malware
The degree to which files are shared across cloud applications can expose corporate data. Organizations can be put at risk by malicious and unauthorized users accessing sensitive information. Additionally, if even one employee is infected by malware or ransomware, she or he can spread it throughout the company merely by uploading an infected document to a shared cloud app. To test this, Bitglass, analyzed how widely its customers share their data across multiple cloud applications.
In light of the above scenarios, it’s apparent that one set of compromised credentials can lead to excessive data exposure. In its Compromised Credentials report, Digital Shadows, a company that gives deep analytics on digital risk, provides insight and surprising statistics on compromised credentials and the dark web.
To learn more about data exposure and the results of Bitglass’ experiments, download the full report.