Cloud services are everywhere now, presenting themselves as the ideal replacements for solutions we thought definitive. Many times, they do; many cloud-based products are cheaper, more effective, and overall more convenient in comparison with their traditional counterparts.
However, as we have already mentioned on this blog, cloud solutions suppose new, different challenges that we weren’t used to. Cloud-based email security is one piece of that puzzle.
With the massive migration from traditional solutions to cloud-based ones when it comes to corporate email, cybersecurity is actually suffering a huge blow. Proper measures to keep sensitive information protected are being ignored while consequences for businesses are getting more serious.
McAfee and Numbers
Recently, McAfee published a report that talked about how corporate is neglecting essential security principles when it comes to cloud-based email. The migration mentioned above is taking place yet security professionals aren’t actually doing their jobs properly (or they don’t have the resources to do so).
The report gives away interesting numbers, facts that businesses shouldn’t ignore. One of the most prominent is regarding sensitive data being uploaded to exposed cloud servers. According to the report, businesses are recklessly uploading highly sensitive data to the cloud. The report shows that the share of files that contain this data goes up to 21%, a percentage that continues growing year to year.
The expansion of cloud services in the market, something addressed by the report, has brought serious yet expected problems in security and privacy.
Lack of Control
Logs and alerts are essential tools for corporate security teams to keep situations under control and act accordingly when a breach takes place.
However, the logs and alerts coming from cloud-based solutions aren’t, most of the time, comprehensive nor opportune enough. This leaves professionals without the tools and resources to prevent and mitigate.
The same happens with security native features, which most of the time lack efficacy.
Fortunately, corporate has a solution available to this problem. It starts by choosing a cloud-based email provider that actually offers the right tools for security and control. It must become a priority to have these features on board and not be treated as something indifferent.
Human Neglect
One of the most serious problems that is experiencing cloud-based email comes from end-users neglect, something that is present wherever cybersecurity is relevant: poor password habits.
Professionals continue to use weak passwords and reused them over and over again all across different accounts and services. This is, of course, a security issue and one that doesn’t go away.
Forcing better habits is a good idea, something that can be achieved with multi-factor authentication and related solutions. However, the lack of multi-factor authentication mechanisms in most cloud-based email solutions feeds the problem even further.
Again, it comes down to choosing a provider that actually takes care of secure authentication as Microsoft InTune. Funny enough, Microsoft is one of the safest options out there for cloud-based email yet security threats to its service have increased by 63% in the past 24 months.