Meanwhile, excessive permissions can go unnoticed because they are often granted by default when a new resource or service is added to a cloud environment. factor comes into play: an overworked security officer or IT administrator may fail to identify and remove such permissions, creating a significant vulnerability that may only be discovered after the fact.
Early detection does not always guarantee prevention, according to the study; more than 13% of respondents who discovered overpermissions reported they were unable to mitigate the risks before the data was compromised.
Given these challenges, it’s no surprise that more than 79% of respondents reported experiencing a cloud data breach in the last 18 months. Worse yet, 43% reported experiencing ten or more breaches.
Many of the organizations that reported the highest number of cloud data breaches were among those that identified excessive access to sensitive data among their employees. The healthcare industry is jordan mobile database at risk, according to the study, with nearly a third of organizations in the sector reporting that they had identified situations where employees had excessive access permissions.
Principle of least privilege
The steps many CISOs are taking to mitigate the risks associated with excessive permissions reflect a growing interest in the least privilege model, which is based on restricting each human or machine identity, user, or application to the precise permissions needed to perform legitimate work activities in order to protect cloud environments.