Secureframe Finds 37% of Organizations Reuse Passwords for Cloud Service Providers
Secureframe launches Secureframe Trust to empower businesses to showcase a strong security posture.
May 10, 2023
PRESS RELEASE
SAN FRANCISCO, May 10, 2023 /PRNewswire-PRWeb/ -- Secureframe, a leading provider of compliance automation software, has released new research revealing common security failures in organizations worldwide. These new findings were released in conjunction with the announcement of Secureframe Trust, which helps
organizations build customer confidence by enabling them to demonstrate their security, compliance, and privacy posture. According to the study, three common security failures are prevalent in cloud-first organizations:
-- Access key rotation for cloud service providers had the highest failure rate at 41%.
-- 40% of IAM accounts and 21% of root accounts did not have multi-factor authentication set up for cloud service providers.
-- 37% of organizations reused passwords for cloud service provider logins. The failure rates for these common security configurations shed light on why account takeover is still one of the top threat vectors leveraged by bad actors. Top cloud platforms such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform all provide capabilities around multi-factor authentication, access key rotation, password reuse prevention natively within their platforms.
Secureframe's compliance platform helps organizations in achieving security compliance and enhancing their security posture through critical security controls and continuous monitoring of their cloud resources like the ones named above. Once an organization has reached compliance with Secureframe's platform, they can use Secureframe Trust — a powerful package consisting of a new Trust Center offering combined with Secureframe's Knowledge Base and ML-powered questionnaires solutions — to showcase their security posture and build trust with prospects and customers.
With Secureframe Trust, organizations can:
-- Turn their security posture into a competitive advantage by proactively showcasing the measures they have taken around security, compliance, and privacy.
-- Enable prospects to self-serve or request any security documents they need.
-- Streamline security reviews by allowing administrators to review, approve, and deny resource requests from their dashboard.
-- Respond to RFPs and security questionnaires up to 10 times faster with ML-powered questionnaires automation.
-- Maintain a single source of truth on answers to security questions, accessible to anyone in the organization from the comfort of their browser with the Secureframe Knowledge Base Chrome extension.
Secureframe Trust, together with Secureframe's core compliance platform, will help organizations to prevent cloud security failures, achieve compliance, accelerate security questionnaire responses, and build customer confidence.
"Data security is a top priority for us, and building customer trust is a critical component of our business as an AI company. With Secureframe Trust, it is easier than ever to build a Trust Center that showcases our high compliance standards in a way that is clear, concise, and comprehensive." - Autumn Moulder, Cohere.
To learn more about Secureframe Trust, please visit the website or schedule a demo.
ABOUT SECUREFRAME:
Secureframe empowers businesses to build trust with customers by automating information security and compliance. Thousands of fast-growing businesses such as AngelList, Ramp, Remote, and Coda, trust Secureframe to simplify and expedite their compliance journey for global security and privacy standards such as SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR, and more. Backed by top-tier investors and corporations such as Google, Kleiner Perkins, and Accomplice Ventures, the company is amongst the Forbes list of Top 100 Startup Employers for 2023.
You May Also Like
A Cyber Pros' Guide to Navigating Emerging Privacy Regulation
Dec 10, 2024Identifying the Cybersecurity Metrics that Actually Matter
Dec 11, 2024The Current State of AI Adoption in Cybersecurity, Including its Opportunities
Dec 12, 2024Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024