A new survey of 3,200 IT managers found that 70% of companies storing data with Microsoft, Amazon and other big cloud vendors were hacked or leaked data last year – often because of basic security lapses.
In one alarming data point, the survey shows 98% of companies failed to enabled multi-factor authentication on cloud accounts holding massive sets of sensitive data, in a simple security step many consumers take with their own email and social media accounts.
The survey, conducted by the English cybersecurity company Sophos, found that simple security actions could safeguard sensitive company data, preventing data theft and ransomware.
"It is staggering," said John Shier, a senior security expert at Sophos who worked on the report. "In many cases if all you do is turn on multi-factor authentication, a lot of attackers won't bother. That one step takes a major chunk out of your security vulnerabilities."
Sophos commissioned research specialist Vanson Bourne to survey 3,521 IT managers currently hosting data and workloads using at least one of the following providers: Azure, Oracle Cloud, AWS, VMware Cloud on AWS, and Alibaba Cloud. In addition, they may also have used Google Cloud and IBM Cloud. Sophos had no role in the selection of respondents and all responses were provided anonymously. The survey was conducted during January and February of this year.