Nearly half of cloud privileges are misconfigured

An estimated 44% of cloud user privileges are misconfigured, leaving companies at risk, according to Varonis’s 2021 SaaS Risk Report.

An analysis of data from over 200,000 cloud identities and hundreds of millions of cloud assets conducted for the report found that misconfigured privileges are often leaving users with overly broad privileges as a result of security team oversight or malicious activity.

Around three in five privileged cloud users are shadow admins — having unauthorised privileged access acquired outside of the security team’s purview.

Meanwhile, the report found that 43% of all cloud identities are sitting abandoned and unused, leaving them sitting ducks for account takeovers.

The report found that three in four cloud identities belonging to external contractors remain active after they leave the organisation, giving them free rein to continue to access and potentially steal IP and data.

Meanwhile, one in four identities in SaaS apps and half of the identities in IaaS services are non-human, including APIs, serverless applications or virtual machines.

Because these accounts are always logged in and typically overlooked by security teams, they are under threat of compromise 24/7, Varonis said.

The report also found that users continue to engage in high-risk cloud activities, with 15% of employees transferring business-critical data to their personal cloud accounts. A total of 16% of cloud users perform privileged actions typically reserved for admins.

The report urges organisations to reduce their risk exposure by ensuring employees with cloud accounts have the minimum access and privileges needed to do their job. Organisations should also eliminate shadow identities, regularly review account entitlements and monitor user activities for anomalies.

Image credit: ©stock.adobe.com/au/Kalawin