The Ins and Outs of Securing Your Enterprise OneDrive
OneDrive’s 115 million monthly active users agree: access to all your work-related assets at any time, from anywhere, is an invaluable productivity boost.
However, with all their benefits, OneDrive and competing platforms are quickly becoming a breeding ground for vulnerabilities and attacks. Businesses tend to mistakenly assume that OneDrive, Box, Google, Dropbox, and other enterprise-grade cloud sharing platforms are very safe. And although all those cloud services have top-notch, stringent cybersecurity checks and policies in place, they cannot cover all bases. In other words, their security is not bullet-proof.
The Irresistible Appeal of Cloud-based File-sharing Systems
The ability to work from anywhere, at any time, makes companies more global and connected than ever before. Forty-two percent of organizations believe that providing access to data at any time is the main driver for cloud adoption. To support this claim:
- Today, an overwhelming majority of companies (90%) use some cloud services (451 Research)
- Cloud adoption is expected to grow at three times the rate of overall IT services by 2022 (Gartner)
- OneDrive is among the leading enterprise cloud storage platforms in the market (Sharegate)
- Over 85% of Fortune 500 companies use OneDrive
The Pros and Cons of Working from OneDrive
The advantages of using OneDrive in a business environment are pretty well known. To recap:
- Easy organization: Employees can store any files (including documents, photos, and video) and access them from any device
- Close collaboration: Multiple people can collaborate in real-time from anywhere in the world, at any given time
- Synchronization: Files are automatically backed up and synchronized on any device
- Integration with office tools: OneDrive easily integrates with the entire enterprise technology stack
- Policy enforcement: Having everything on a single platform enables centralized management and policy enforcement
- Data governance: Data is stored and managed from a centralized platform
- Visibility: Storage management is easy, with full visibility into what is going on
Despite the many pros, the ability of enterprises to keep their files safe in a cloud storage platform such as OneDrive is often questioned. According to the Cloud Security Alliance, over 50% of IT and security professionals believe cloud storage is the riskiest cloud app category. The most commonly voiced concerns include:
- External sharing: OneDrive for Business has the built-in functionality of sharing documents, folders, and other content with external users. If sharing with external users is enabled, an organization’s security team loses control over what shared files contain, exposing the enterprise to potential attacks.
- User error: Cloud sharing platforms remain the number one targeted platform for hackers, and user error in global security settings can easily lead to a breach.
- Violation of trust: According to Verizon, 28% of security attacks involved individuals with authorized access to company data. Cloud sharing makes insider threats ever more dangerous, since the whole point of those platforms is ease of access to enterprise assets and resources.
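The external-sharing and global-settings concerns above can be checked by auditing the tenant's sharing configuration. The PowerShell below is an added example, not part of the original article: the function name `Test-OneDriveSharingPosture` and the baseline it checks are assumptions, the property names are those returned by `Get-SPOTenant` in the SharePoint Online Management Shell, and the sample object is constructed.

```powershell
# Added example: flag risky OneDrive/SharePoint external-sharing settings.
# Input is the object returned by Get-SPOTenant; the baseline is an assumption.
function Test-OneDriveSharingPosture {
    param([Parameter(Mandatory)] $Tenant)

    function New-Finding($Setting, $Value, $Why) {
        [pscustomobject]@{ Setting = $Setting; Value = "$Value"; Finding = $Why }
    }

    $anon     = 'ExternalUserAndGuestSharing'   # enum value that permits "Anyone" links
    $external = "$($Tenant.OneDriveSharingCapability)" -ne 'Disabled'

    # "Anyone" links need no sign-in, so there is no record of who opened the file.
    if ("$($Tenant.OneDriveSharingCapability)" -eq $anon) {
        New-Finding 'OneDriveSharingCapability' $Tenant.OneDriveSharingCapability 'Anonymous links are allowed for OneDrive'
    }
    # A permissive default turns every casual "Share" click into an anonymous link.
    if ("$($Tenant.DefaultSharingLinkType)" -eq 'AnonymousAccess') {
        New-Finding 'DefaultSharingLinkType' $Tenant.DefaultSharingLinkType 'Default sharing link is anonymous'
    }
    # Zero or a negative value means anonymous links never expire.
    if ("$($Tenant.SharingCapability)" -eq $anon -and $Tenant.RequireAnonymousLinksExpireInDays -le 0) {
        New-Finding 'RequireAnonymousLinksExpireInDays' $Tenant.RequireAnonymousLinksExpireInDays 'Anonymous links have no expiration'
    }
    # With no allow/block list, files can be shared with any external domain.
    if ($external -and "$($Tenant.SharingDomainRestrictionMode)" -eq 'None') {
        New-Finding 'SharingDomainRestrictionMode' $Tenant.SharingDomainRestrictionMode 'No domain restriction on external sharing'
    }
    # Guests who can reshare extend access beyond what the owner granted.
    if ($external -and -not $Tenant.PreventExternalUsersFromResharing) {
        New-Finding 'PreventExternalUsersFromResharing' $Tenant.PreventExternalUsersFromResharing 'External users can reshare content'
    }
}

# Constructed sample standing in for Get-SPOTenant output, so the check runs offline.
$sample = [pscustomobject]@{
    SharingCapability                 = 'ExternalUserAndGuestSharing'
    OneDriveSharingCapability         = 'ExternalUserAndGuestSharing'
    DefaultSharingLinkType            = 'AnonymousAccess'
    RequireAnonymousLinksExpireInDays = 0
    SharingDomainRestrictionMode      = 'None'
    PreventExternalUsersFromResharing = $false
}
Test-OneDriveSharingPosture -Tenant $sample | Format-Table -AutoSize

# Against a live tenant (SharePoint Online Management Shell, admin sign-in):
#   Connect-SPOService -Url https://<tenant>-admin.sharepoint.com
#   Test-OneDriveSharingPosture -Tenant (Get-SPOTenant)
```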
But there is plenty to be done to make your OneDrive more secure.
How to Secure your OneDrive
Step 1: Cover the Basics
In cybersecurity, the most trivial and “obvious” measures often prove themselves to be the most effective. As a matter of policy, ensure that everyone in your organization:
- Creates a unique and robust password.
- Enables two-factor authentication (2FA), preferably with the use of a secure factor such as biometrics.
- Adds additional security and recovery info to their Microsoft account: users can add password recovery and security information, such as a phone number, an alternate email address, and a security question. That way, if the user’s account ever gets hacked, Microsoft can use the security info to verify the user’s identity and help resolve the issue.
Step 2: Carry out Frequent Breach and Attack Simulations
Breach and attack simulations (BAS) take the saying “if you want to stop a hacker, think like a hacker” to the next level. BAS goes beyond pentesting and threat hunting. By automatically and continuously simulating attacks on an enterprise, IT teams can catch misconfigurations, errors, and security holes that would otherwise be missed.
The new generation of BAS tools makes it possible to continuously test your security posture in a fully automated and systematic way, ensuring that a real hacker doesn’t catch you off guard.
Step 3: Invest in a Content-Centric Cybersecurity Tool
To ensure that anything that is shared through your enterprise’s OneDrive is safe for your users to click, it is imperative to have a security tool built specifically for that purpose.
Most security tools are only capable of catching known exploits and vulnerabilities, and are only able to intercept an attack when it is already well underway. In addition, these tools typically offer a limited ability to guard against Zero Day exploits and unknown threats.
To protect the enterprise in the hyper-connected cloud world, security experts need tools capable of proactively detecting attacks. The approach should be pre-delivery, not post-exploit. Preventing exploits, ransomware, spear-phishing, and Zero Day attacks contained in files and URLs before they reach the end-user is the only way to keep enterprise environments secure.
Stay Safe in the Cloud
As organizations increasingly rely on OneDrive and other cloud sharing platforms, the possible attack surface grows wider. As content-borne attack vectors proliferate, organizations need a holistic solution capable of guarding their assets in the cloud against advanced cloud-based threats.
BitDam’s solution was built to detect advanced content-borne attacks and therefore provide remarkably higher protection for cloud-based sharing platforms. Based on an advanced application whitelisting technology, and requiring no configuration, BitDam determines whether a given file or web link is safe to click, regardless of the specific malware it may contain. As such, it does not require security updates, feeds, reputation, or intelligence services in order to detect never-seen-before attacks.