WinZip Blog

Organizations are adopting the cloud in increasing numbers, with enterprise cloud spending estimated to comprise account for 14% of IT revenue worldwide by 2024. In 2020 alone, 61% of businesses moved their workloads to the cloud at least partially in response to the pandemic-fueled shift to remote work environments.

Enterprise cloud storage solutions create a unified IT environment that offers the agility of the cloud, partnered with the security of an on-site data center. Designed to meet the complex needs of large organizations, enterprise cloud storage provides the most positive aspects of both the public and private cloud.

In this article, we will explore what you need to know about enterprise cloud storage, including how companies can benefit from using these types of solutions.

What is Enterprise Cloud Storage?

The “cloud” describes a global network of remote servers that operate as a single ecosystem. This facilitates on-demand access to files and data for authorized users.

Cloud storage gives enterprises flexible, scalable access to processing power, computer memory, and data storage. Rather than shouldering the cost of implementing and maintaining your own networks and data centers, your organization can reduce costs and access these resources through enterprise cloud service providers.

Enterprise-level organizations handle large volumes of business-critical data, and cloud storage grants them the ability to scale storage requirements for expansive workloads. Cloud storage solutions are available in three primary forms:

• Public cloud. The public cloud delivers services such as data storage using the internet. The cloud service provider (CSP) develops, manages, and maintains resources that are leased to you and other tenants that use the CSP’s services. This cloud solution tends to be cheaper than private or hybrid, but it is also less secure. As such, a public cloud would not be a good fit for companies that handle sensitive data subject to strict compliance requirements, such aslike insurance, healthcare, or defense firms.

• Private cloud. With private cloud storage, your company does not share cloud resources with any other organization. This solution is highly customizable to your needs—for example, data can be stored and managed on-premises by your internal IT team or offsite by the service provider. Private cloud storage is ideal for companies in highly regulated industries like healthcare or finance with sensitive data that requires additional levels of security and access control. However, private clouds are often the most expensive option and can be limited in terms of scalability and access for mobile users.

• Hybrid cloud. A hybrid cloud is a flexible combination of a public and private cloud. This solution offers organizations the ability to leverage an on-premises private cloud and divert non-critical data to an offsite public cloud infrastructure. A hybrid deployment gives companies greater control over their data management and simplifies data transfer between public and private cloud storage. According to industry statistics, 87% of enterprise organizations use a hybrid cloud strategy, which is driven primarily by the cost effectiveness of hybrid cloud solutions.

Advantages and Disadvantages of Cloud Storage for Large Organizations

As with any technology, there are pros and cons that must be considered when evaluating the viability of cloud storage for enterprise-level organizations. By understanding the advantages and disadvantages of cloud storage, companies can evaluate solutions and make the best choice for their needs.

Advantage: Accessibility

Files stored in the cloud are easily accessible from anywhere and at any time. This is especially useful for businesses with distributed teams or remote and hybrid work environments, which is why industry experts predict that the enterprise cloud storage market will grow by nearly 15% by 2024.

Authorized users can access stored data using their preferred device, such as a desktop computer, tablet, laptop, or smartphone. This eliminates the need to manually transfer updated files from one device to the other, which is both inefficient and increases the likelihood of users working on out-of-date files.

Disadvantage: Security Concerns

When your company opts for cloud storage, you are handing your sensitive business data to a third-party service provider. This is whyTherefore, it is important to carefully evaluate service providers to ensure that they can keep your information secure. Security concerns are especially prevalent with public cloud deployments, which are prone to misconfigurations of their security and compliance features.

The appropriate configuration of security settings and access to storage inventory is critical to limiting data vulnerabilities. According to a recent cloud security report, 90% of organizations have cloud misconfigurations that leave them vulnerable to security breaches. Choose enterprise cloud storage solutions that can provide written assurances regarding how the cloud provider stores data, monitors security, and responds to breach events.

Advantage: Scalability

Enterprise cloud storage solutions allow enable your company to scale storage requirements based on your organizational needs. On-premises datacenters, however, may require an expensive investment into additional equipment and staff to meet increased storage requirements. This also makes it difficult to scale down on-premises storage solutions because doing so does not release your business from its original payment agreements.

With cloud storage, you pay for what you need and can easily scale up or down in response to changing circumstances. These changes can be made almost immediately without needing to purchase additional equipment, hardware, or software.

Disadvantage: Breaches and Leaks

As data moves between cloud storage and the user’s device or system, it is vulnerable to external attacks. The internet is not completely secure, and there are numerous existing vulnerabilities that can be exploited. In the first quarter of 2020, external threats to cloud services grew 630%, highlighting the need for secure data storage and transfer.

You can reduce the threat of external attacks by encrypting data when it is stored in the cloud and in-transit from one destination to another. Encrypted files give you the ability to control user access and monitor system activity. By maintaining visibility over your storage environment, you are better positioned to quickly identify and mitigate security risks.

Advantage: Disaster Recovery

Data stored in the cloud is backed up multiple times on servers in datacenters around the world. Building redundancy into data storage ensures that your data is safe in the event a server or entire datacenter is compromised. There is no single point of failure, and you can easily retrieve another copy of your data through an internet connection.

Because cloud service providers store identical copies of your data in several locations, your company can implement the 3-2-1 rule of secure backups. This is a key component in your company’s backup and recovery plan in which you have three copies of your data on at least two separate media, andand at least one backup at an off-site storage location.

How do companies benefit from enterprise cloud storage solutions?

In highly regulated industries, security is a critical component of cloud storage solutions. Fortunately, enterprise storage solutions often feature advanced security elements such as encryption, policy-based data retention, encryption key management, and detailed user logs.

For most organizations, applicable compliance requirements include the following:

• General Data Protection Regulation (GDPR). The GDPR deals with the protection and privacy of personal data. Companies must ensure that their CSP’s data protection services are compliant with GDPR guidelines. Under GDPR, you can be held responsible if your cloud storage provider violates GDPR standards, which is why enterprise CPSSPs provide additional levels of administrative and security features not found in consumer-grade solutions.

• Health Insurance Portability and Accountability Act (HIPAA). HIPPA protects the privacy and confidentiality of an individual’s Protected Health Information (PHI). A key HIPAA requirement for data protection is the offsite storage of data backups. If your data is stored in the cloud, you will need to store backup copies in a different location, such as another cloud storage solution or an on-premises server. Backups must also be encrypted both in transit and at rest, so they cannot be placed in unencrypted storage environments.

• Sarbanes-Oxley Act (SOX). In the US, all public companies must comply with SOX to protect the general public from errors and fraudulent practices (certain provisions also apply to privately held companies). Enterprise cloud storage solutions often have strong security measures in place for SOX compliance, such as access controls, encryption, and user authentication systems.

• Gramm-Leach-Bliley Act (GLBA). The GLBA requires financial institutions to protect the confidentiality of their customers’ personally identifiable information (PII). Its rules also apply to a company’s service providers and third-party affiliates, including cloud storage providers.

Enhance Your Cloud Security with WinZip Enterprise

Despite the benefits of cloud storage, it is not without its security risks. In fact, according to a 2020 cybersecurity study, the top concerns for cloud storage solutions include (but are not limited to) the following:

• Security misconfigurations.
• Lack of visibility into access and activities.
• Excessive user permissions.

These security concerns are well-founded since more than 79% of the surveyed companies had experienced a data breach in the last 18 months. Of those respondents, many were in highly-regulated industries such as finance, health, and government organizations.

For enhanced data protection, many businesses look to WinZip® Enterprise to simplify their file encryption processes. WinZip Enterprise’s AES encryption offers unsurpassed, military-grade protection that is leveraged by highly regulated companies handling sensitive data, including the financial services, insurance, healthcare, and defense and government sectors.

Discover how WinZip Enterprise simplifies cloud enterprise storage solutions and adds a layer of compression and security to your data files.

Data exfiltration is big business for cybercriminals and a significant problem for any company that finds themselves the victim of an attack. Any unauthorized movement of data is considered data exfiltration, which is also known as data extrusion, exportation, or theft.

Malicious actors that copy, transfer, or retrieve sensitive data without authorization might be outside attackers or malevolent insiders. To adequately address these threats, it is important to understand not just what data exfiltration is, but how to prevent such attacks through increased security measures.

How Is Data Taken?

Data is exfiltrated through three common attack vectors:

• Unintentional employee errors
• Intentional insider attacks
• Outsider targeted attacks

Both intentional and accidental insider actions account for 43% of data exfiltration events, with the rest attributed to outside actors. These outside actors include hackers, malware creators, and organized crime units, among others.

Cybercriminals often use phishing techniques to gain and exploit system access. In fact, phishing scams were listed in the top three internet crimes reported to the FBI in 2020. A ubiquitous method to steal organizational data, phishing attacks use emails that look legitimate and appear to be from a trusted sender, but these messages contain malicious links or attachments that threaten your cybersecurity.

Additional vectors of data extrusion include the following:

• Network breaches. Attackers can gain remote access to your data assets by exploiting access vulnerabilities, such as weak passwords, compromised user credentials, or brute-force techniques.

• Physical media. Around 40% of data exfiltration events involve physical media, such as downloading data to an insecure USB stick or stealing a laptop that holds sensitive information.

• Cloud storage. Close to 70% of companies that store data in the cloud have experienced a breach and data exposure is the second most common issue with cloud security.

Once the attacker has access to your system, they can peruse the network looking for sensitive data and critical assets. To execute the unauthorized data transfer, the most common method is to set up a shell communication channel. This channel facilitates remote interaction between the attacker’s command-and-control (C2) server and the compromised host network.

The C2 server is configured to respond to a predetermined protocol, which initiates the data transfer from the victim’s device to the attacker’s server. Common protocols used for data exfiltration include:

• Hypertext Transfer Protocol (HTTP). The HTTP protocol is commonly used on most networks, making it a prime choice for attackers. With the high volume of HTTP traffic that flows through enterprise networks, malicious actors can transfer sensitive data without being noticed.

• File Transfer Protocol (FTP). The FTP protocol is essential for transferring large files online. It does not use encryption and instead relies on plain text usernames and passwords for access authentication. An attacker can exfiltrate data if your FTP protocol’s outbound connections are not monitored or protected by a firewall.

• Domain Name System (DNS) protocol. The DNS protocol facilitates communication between internal networks and the internet and translates domain names into IP addresses. Attackers use a process known as DNS tunneling to reroute DNS queries to the attacker’s server, creating a data exfiltration path for unauthorized file transfer.

Security Risks Associated with Data Exfiltration

Data exfiltration is difficult to detect because it often mimics normal network traffic while moving data outside the company network. Should an incident go unnoticed until after the attacker has successfully exfiltrated your data, it could result in significant data losses.

Organizations with high-value data are at an increased risk of falling victim to data exfiltration. Examples of high-value data include, but are not limited to, the following:

• Personal information about customers, clients, or employees.

• Confidential enterprise information, including intellectual property, strategy documents, and proprietary technology.

• Financial information such as payment card data and bank account details.

Data exfiltration’s consequences are not just limited to data loss. It also leads to lost customer trust, reputational damage, and regulatory fines.

For example, the loss of proprietary information impacts your competitive advantage in the market. If sensitive personal information is compromised, your company can lose your customers’ trust and new customers may hesitate to work with you in the future.

The theft of personal data also opens your organization up to hefty fines for failing to comply with privacy regulations. For example, under the European Union’s (EU’s) General Data Protection Regulation (GDPR), the theft of personal data from an organization required to properly protect that data could lead to fines of up to 20 million euros (approximately $22 million USD).

In addition to the security risks associated with data loss, exfiltration events often occur in tandem with ransomware attacks. This form of cybercrime is known as double extortion because malicious actors first exfiltrate sensitive data before encrypting files and holding them for ransom or launching the ransomware payload.exfiltrate sensitive data before encrypting files and holding them for ransom, or launching the ransomware payload.

A double extortion attack means that should a company refuse to pay the ransom to have their files decrypted and returned to them, the cybercriminals can simply leak or sell the data on the dark web. During the first half of 2021, almost 80% of all ransomware events involved data exfiltration.

Threat actors are backing their ransomware attacks with data exfiltration in response to victims refusing to pay ransoms. Their unauthorized data transfer gives attackers extra assurance that they will profit from their efforts.

Even if the organization refuses to meet their demands, the cybercriminals can leverage the exfiltrated data. They can extort the company for even more money than the original demand or release the data on the dark web where it can be sold for a profit.

Data Exfiltration Is a Growing Threat

Data exfiltration is one of the fastest growing cyberthreats today, especially when it comes to using double extortion as a key technique in ransomware attacks. By the end of 2020, around 40% of known ransomware groups had data exfiltration capabilities.

Interestingly, double extortion has increased in popularity amongst cybercriminals in response to better data backup practices. Because companies have improved their processes for backing up data and devices, the threat of losing data if they do not pay a ransom in exchange for the decryption key is not as powerful.

Double extortion enables cybercriminals to encrypt and exfiltrate data, pressuring the victims into paying the attacker one way or another. In fact, the cost of cyber-extortion and ransom claims doubles when attackers exfiltrate data.

A key area of concern is the growth and proliferation of ransomware-as-a-service (RaaS) product offerings. This is pay-for-use malware that can be used by people with limited technical skill to extort stolen data. In a typical RaaS environment, the malware developer keeps a portion of the ransom, with the majority of the profits going to its affiliates.

For example, BlackCat is a RaaS solution in which threat actors pay RaaS operators to launch a ransomware attack. Since first appearing on the threat landscape in November 2021, BlackCat attacks have compromised companies all over the world, demanding ransoms as large as $3 million.

In February of 2022, Expeditors International were victims of BlackCat ransomware, which forced the company to shut down its systems to investigate and remediate the attack. Because Expeditors is part of the shipping supply chain, this event impacted shipping processes when Expeditors’ systems were taken offline.

BlackCat differs from other RaaS offerings because it not only exfiltrates sensitive data and encrypts systems—it also launches a distributed denial-of-service (DDoS) attack if the victim does not meet its demands. Double extortion with the added threat of a DDoS attack gives RaaS operators greater leverage in negotiating ransom payments.

How Secure File Storage and Sharing Combats Data Exfiltration

Comprehensive security strategies help prevent data exfiltration. A secure file storage and sharing system empowers IT teams with administrative controls over access privileges, encryption requirements, and other data management tools.

Secure file storage and sharing solutions employ permission-based user roles to control who can access what data. By granting access only to what is necessary for an individual’s job functions, the principle of least privilege (POLP) minimizes the attack surface in which data exfiltration can occur.

To ensure that the POLP still applies, IT teams should conduct regular, scheduled reviews of file storage and user activity. The frequency of these reviews will vary depending on system size and asset risk, ranging from monthly reviews of high-risk assets to annual reviews of low-risk systems.

Strong encryption protocols are needed to fend off malicious actors seeking to exfiltrate your data. Should cybercriminals access your system, they will be unable to read or understand information without the proper decryption key. Encrypting files both while at rest and in transit ensures end-to-end data protection, preventing unauthorized access to sensitive information.

File storage and sharing solutions include features to increase data visibility and security. When IT administrators can monitor movement of files and data, they are better positioned to identify anomalous or unusual behavior that could indicate data theft. For example, the following warning signs could indicate unauthorized insider activity:

• Turning off or not using security controls, such as encryption or multi-factor authentication.
• Accessing and/or downloading large volumes of data.
• Accessing data or applications that are not relevant to the person’s job role.
• Searching for security vulnerabilities, such as circumventing access controls.

WinZip Enterprise Increases Security and Helps Prevent Data Exfiltration Attacks

WinZip® Enterprise secures, manages, and protects sensitive business data. This fully customizable solution empowers IT admins with streamlined controls over user access, encryption standards, and protocols regarding the storage and sharing of information.

Detecting and stopping data exfiltration is key to eliminating data loss. Therefore, solutions like WinZip Enterprise are essential by providing file tracking, which records every instance of a file being moved, edited, or deleted. These insights help organizations review system activity and identify both insider attacks and external threats.

For unsurpassed protection of data at rest and in transit, WinZip Enterprise leverages military-grade AES encryption. This keeps files safe whether they are in storage or being shared, preventing unauthorized access and its associated costly unauthorized data transfers that can result in acts of extortion or even worse.

Explore how WinZip Enterprise can help your company prevent data exfiltration attacks and increase security measures.