Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Comments
Cloud Apps & Security: When Sharing Matters
Newest First  |  Oldest First  |  Threaded View
krishna@netskope.com
50%
50%
[email protected],
 User Rank: Author
8/19/2014 | 6:23:09 PM
Re: Crux of the problem
@Marilyn The proportion of sharing to uploads is not that surprising. One factor that plays into this is the profileration of devices in the enterprise. A study done by Cisco a few years back revealed that the average number of devices per enterprise user is around 3. Another interseting observation is the native clients of cloud apps on mobile endpoints make it extremely easy to share content. The combination of the two creates a pyramid effect for a share that a user initiates. My prediction is that we will see the number of shares grow even further.

@aws0513 - thanks for sharing your thoughts on the issue of sharing and access to sensitive data. I agree with you that us humans are the weak links in the chain. The need to know concept has been deployed successfully in the classified networks (albeit closed) using technology tools. The challenge we are faced with is the evolution of distributed public data repositories (cloud storage) and agile processes where access to data from anywhere, any device and anytime is key to the success of businesses. In fact the "need to know" paradigm can be implemented especially for cloud apps using cloud app control solutions (also referred to as cloud access security brokers) that provide granular policy enforcement for activities that deal with sensitive data like sharing.
aws0513
50%
50%
aws0513,
 User Rank: Ninja
8/19/2014 | 2:21:17 PM
Re: Crux of the problem
While it is true that sharing is not necessarily evil, the need for policy regarding the concept of "need to know" should be pervasive throughout the organization, not just in terms of computer systems or a cloud environment.
In many organizations, the policies regarding sensitive or regulatory data are already well founded.  For organizations that must collaborate with others regarding sensitive data, specific protocols, agreements, trust chains, and management structures are usually well established before any data exchanges take place

The problem for security professionals that are tasked to enforce those policies is that no easy to implement system, electronic or not, will provide an automated means to easily identify when unauthorized sharing of sensitive data is taking place.  Much less prevent such activity.

Certainly, the organization can implement a MAC security model for managing sensitive data, and even turn on intensive C2 logging for all the systems involved with data management and sharing.  I have worked in such situations and believe me when I say that this is very expensive and involves a lot of overhead in terms of people to make it work right.  Even with such an environment, need to know is still part of the collaboration and sharing equation.

In the end, it is people who really need to be able to understand and enforce the concept of need to know when it comes to data collaboration and sharing.  If the people involved with managing and handling sensitive data do not understand and adhere to the need to know concept and how it is to be enforced, then unauthorized data sharing will happen regardless of policy.  That fact gives government and private entities around the world great heartburn.  In our world today, one person with access to sensitive data can completely upturn all of the work, plans, and reputation of any organization.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
 User Rank: Strategist
8/19/2014 | 1:29:36 PM
Re: Crux of the problem
Thanks @Krishna. Were you surprised about the amount of sharing along with uploading and downloading that you discovered in the data? (Three shares for every upload in storage apps). Do you think that's going to increase?
krishna@netskope.com
50%
50%
[email protected],
 User Rank: Author
8/19/2014 | 1:21:01 PM
Re: Crux of the problem
Marilyn - your observation is spot on. Studies have shown that collaboration as enabled by sharing in cloud apps has helped grow not only the top line but the bottom line of businesses. The key is to address the risk and reap the rewards of sharing in the enterprsie. Some of the important factors to consider in sharing are - who are the users the content is being shared with, the domains they belong to (internal vs external), content type and classification (sensitive vs benign), risk posture of the cloud app etc. By adopting a cloud app control solution that provides the capability to address the above factors in a policy, enterprises can safely enable sharing in cloud apps and experience the benefits of doing so.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
 User Rank: Strategist
8/19/2014 | 9:01:05 AM
Crux of the problem
It occurs to me that what will be most challenging for enterprise security teams is that "sharing" is not in of self a good thing or a bad thing. As Krishna writes, it can be "very benign or very risky, depending on content and context." So policy discussion will require a fair amount of research and discussion.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/10/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7029
PUBLISHED: 2020-08-11
A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote attacker to perform Web administration actions with the privileged ...
CVE-2020-17489
PUBLISHED: 2020-08-11
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible. If the user had decided to have the password shown in cleartext at login time, it is then visible f...
CVE-2020-17495
PUBLISHED: 2020-08-11
django-celery-results through 1.2.1 stores task results in the database. Among the data it stores are the variables passed into the tasks. The variables may contain sensitive cleartext information that does not belong unencrypted in the database.
CVE-2020-0260
PUBLISHED: 2020-08-11
There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152225183
CVE-2020-16170
PUBLISHED: 2020-08-11
The Temi application 1.3.3 through 1.3.7931 for Android has hard-coded credentials.