Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

7/20/2012
04:01 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Research Finds 80 Percent Of Companies Do Not Use The Cloud Services They Want Due To Security Fears

Meantime, 70 percent of companies would use these services if they were as robust as internal tools, according to Varonis Systems

NEW YORK, July 17, 2012 – Research conducted by Varonis Systems Inc. (http://www.varonis.com), the leading provider of comprehensive data governance software, has found that while 80 percent of companies do not allow their employees to use cloud based file synchronization services, 70 percent of companies would use these services if they were as robust as internal tools. For the research, decision makers were interviewed about the emerging shift from Bring Your Own Device (BYOD) to Bring Your Own Services (BYOS).

The results indicate that while the vast majority of organizations would like to harness the power and ease that file synchronization technology could give them, only 20 percent currently allow these services due to fears of data leakage, security breaches and compliance issues. To protect themselves against these threats, 59 percent of organizations use a combination of policy backed up with blocking techniques to stem the tide of enterprise files spilling onto external servers and devices. A further 20 percent rely on policy alone to stop the mass leakage of proprietary and regulated data.

In stark contrast, a significant fifth of companies have no measures in place at all to prevent their staff from accessing file synchronization tools, leaving their employees free to take confidential data outside the company with them. Of this fifth, an astonishing 70 percent were seemingly not concerned about having no controls in place to defend themselves against critical information leakage or loss.

With BYOS threatening to sweep past all company defenses and carry away the company data, the reaction seems two-fold: while the majority of companies block file synch services completely, the rest leave their employees free reign.

David Gibson, VP of strategy at Varonis said, “As workers are increasingly required to divide their time between working on the move, at home and in the office, companies and employees alike yearn for the ease of use and convenience of file synch services. Even organizations that block these services may have employees using them when they’re not connected to the corporate network, breaching the defenses of a corporation and introducing a host of new vulnerabilities. The challenge is to provide companies with a service that has the robust controls of its internal system while empowering staff to do their work wherever, whenever and from whichever device they need.”

To download the full Cloud Synchronization Services Research report, visit http://hub.varonis.com/BYOSSurvey

About Varonis Systems

Varonis is the leader in unstructured and semi-structured data governance software. Based on patented technology and a highly accurate analytics engine, Varonis solutions give organizations total visibility and control over their data, ensuring that only the right users have access to the right data at all times from all devices, all use is monitored, and abuse is flagged.

Varonis makes digital collaboration secure, effortless and efficient so that people can create and share content easily with whom they must, and organizations can be confident their content is protected and managed efficiently.

Voted one of the "Fast 50 Reader Favorites" on FastCompany.com, and winner of the SC Magazine Innovation, Product or Service of the Year, and Best Network Security Awards, Varonis has more than 4,500 installations worldwide and is headquartered in New York, with regional offices in Europe, Asia and

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).