Online Exclusives: In Cloud We Trust? -- Security Today

Online Exclusives: In Cloud We Trust?

A new survey reveals that cloud storage users have mixed feelings about security issues

By William Wong
Oct 17, 2016

An increasing number of individuals and businesses are using cloud storage. Recent statistics show that by 2017, an estimated 1.7 billion people globally will be users of personal cloud storage. Other studies predict that the market for cloud storage will grow to over $65 billion by 2020, representing an impressive 30 percent compound annual growth rate over five years.

This wide and continuously expanding usage of cloud services seems to imply trust in the cloud. Yet a new survey on security issues suggests otherwise. While the vast majority of those surveyed confirmed that they do use cloud services like Google Drive, Dropbox, and Box for hosting their documents, the study found that close to half of users (43 percent) don’t even keep their passwords on a computer. This finding reveals a basic distrust among users when it comes to the ability to secure even basic information on their computers or in the cloud.

A significant majority (77 percent) of those surveyed keep track of their passwords by writing them down in a notebook or other means such as simply remembering them or storing them on a thumb drive. With less than a quarter of the nearly 400 people surveyed storing their password in a spreadsheet or other office application such as Word or Notes, it’s clear that many don’t feel as secure about the public cloud as its high usage would suggest.

What Makes Data Insecure?

There are plenty of reasons behind these trends. Not all cloud services are equally secure, and many cloud environments are vulnerable to security threats. The same features that create benefits when using on-demand shared cloud servers can also open them up to data breaches from authentication issues or compromised credentialing. Identity management can be a problem in cloud environments, and cyber thieves can steal passwords that aren’t appropriately protected. Other cloud-related threats that can easily jeopardize data and document security include vulnerable APIs and interfaces, attacks on system vulnerabilities, account fraud, and even malicious insider activities.

In the new study, over 80 percent of respondents—who span a wide range of ages from under 18 to over 60 years old—expressed concern about document security. Despite these concerns, 40 percent surveyed keep all of their documents on their local hard drive; another 11 percent keep them in the cloud. Less than 10 percent secure their documents by encrypting and password-protecting them with office productivity suite software.

When it comes to email attachments, 83 percent of survey participants do have security concerns and take precautionary measures to protect their data. Sixty-two percent never open unsolicited files or attachments, and another 21 percent have disabled the auto-download feature on their computer.

Options to Boost Security

Clearly, the cloud isn’t going away any time soon. People will continue to adopt mobile apps and documents in the cloud space as more and more users grow accustomed to accessing content across devices regardless of their environment. Rather than retreating from cloud-based solutions, a more forward-thinking approach is to employ ways to help better secure your documents wherever they are.

It’s important whether you’re working in a cloud or desktop environment to always use best practices for securing your documents. Here are a few to keep in mind as the digital world becomes increasingly cloud-centric:

Use password protection. Some applications that are part of office productivity software come equipped with password protection and advanced read/write options. These features allow you to select who can see and/or modify your documents and who can’t.

Employ encryption. Another built-in feature to look for in an office productivity suite allows you to secure and encrypt your sensitive documents using passkeys for added protection. Encryption is an important safeguarding tool for mobile devices as well.

Be smart about unsolicited files. If you receive an unsolicited attachment or file, don’t be tempted to open it. Even if the sender’s name is familiar, it might be a phish scam or virus if the file arrives unexpectedly or out of context from files you would normally receive from that sender.
App permissions. Sometimes called “click-through agreements, these mobile document security app permissions give you added protection by delivering a prompt before you install an app, verifying that you want to proceed, so remember to take advantage of this buffer.

Device security features. Be sure to enable specific security features on your mobile devices such as setting PIN codes, using unlock patterns, and enabling device lockout (which can keep hackers out by locking your device if someone tries to guess at your password too many times).

While these tips may take a little extra time at the front end (not much, though), they can help you achieve greater security and peace of mind in our evermore cloud-based and collaborative world.

Featured

91 Percent of Security Leaders Believe AI Set to Outpace Security Teams

Bugcrowd recently released its “Inside the Mind of a CISO” report, which surveyed hundreds of security leaders around the globe to uncover their perception on AI threats, their top priorities and evolving roles, and common myths directed towards the CISO. Among the findings, 1 in 3 respondents (33%) believed that at least half of companies are willing to sacrifice their customers’ long-term privacy or security to save money. Read Now
- Artificial Intelligence
- Cybersecurity
Milestone Announces Merger With Arcules

Global video technology company Milestone Systems is pleased to announce that effective July 1, 2024, it will merge with the cloud-based video surveillance solutions provider, Arcules. Read Now
- Video Surveillance
Organizations Struggle with Outdated Security Approaches, While Online Threats Increase

Cloudflare Inc, recently published its State of Application Security 2024 Report. Findings from this year's report reveal that security teams are struggling to keep pace with the risks posed by organizations’ dependency on modern applications—the technology that underpins all of today’s most used sites. The report underscores that the volume of threats stemming from issues in the software supply chain, increasing number of distributed denial of service (DDoS) attacks and malicious bots, often exceed the resources of dedicated application security teams. Read Now
- Cybersecurity
Cloud Resources Have Become Biggest Targets for Cyberattacks According to New Research

Thales recently announced the release of the 2024 Thales Cloud Security Study, its annual assessment on the latest cloud security threats, trends and emerging risks based on a survey of nearly 3000 IT and security professionals across 18 countries in 37 industries. As the use of the cloud continues to be strategically vital to many organizations, cloud resources have become the biggest targets for cyber-attacks, with SaaS applications (31%), Cloud Storage (30%) and Cloud Management Infrastructure (26%) cited as the leading categories of attack. As a result, protecting cloud environments has risen as the top security priority ahead of all other security disciplines. Read Now
- Cybersecurity

Webinars

BriefCam

AI-Driven Video Analytics: The Foundation for Your Security Tech Stack
Hanwha Vision (formerly Hanwha Techwin), Eagle Eye Networks Inc, Omnilert, Salient Systems, AtlasIED, LiveView Technologies, IPVideo Corporation, ASSA ABLOY Opening Solutions, Axis Communications, Inc., Safety Technology International Inc.

Enhancing Campus Safety and Student Success: Practical Solutions for Threat Mitigation and Performance Improvement
Hanwha Vision (formerly Hanwha Techwin)

AI at the Edge: Are You Ready?

Whitepapers

Winsted Corporation

All-Star Lineup
Axis Communications, Inc.

Meeting Responsibilities for School Campus Staff
Axis Communications, Inc.

The 2024 School Violence Protection Program

New Products

HD2055 Modular Barricade

Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3
Camden CV-7600 High Security Card Readers

Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3
PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3