Varonis released new data indicating that 44 percent of organizations’ cloud privileges are misconfigured. The “2021 SaaS Risk Report” addressed key trends and challenges that organizations face in controlling unsupervised identities and “shadow” privileges, posing risk to information across a fragmented SaaS (Software-as-a-Service) and IaaS (Infrastructure-as-a-Service) environment.
Additional findings included 75 percent of external contractor cloud identities remaining active after their sessions are completed, with 43 percent of all cloud identities abandoned as well as 60 percent of users being shadow admins with specific permissions to escalate privileges. More troublingly, Varonis discovered that about 15 percent of employees transfer business-critical data to a personal cloud account.
In terms of remediation, recommendations included:
- Reducing one’s cloud blast radius by providing employees with minimum access for performing work functions.
- Monitoring user activity for anomalies and unusual activity.
- Monitoring account activity to cut shadow identities.
- Performing periodic entitlement reviews.
- Employ cross-cloud threat detection.
- Installing processes for off-boarding remote employees and contractors.
- Adopting a unified, cross-service identity access management policy for revoking no-longer-applicable permissions.
Varonis collected and analyzed data from more than 200,000 identities and “hundreds of millions” of cloud-based assets to assemble the report.