Are files in the corporate cloud harmless by default?

Having a shared storage and data exchange environment can pose additional risks to corporate security.

There is hardly a company these days that doesn’t use some kind of cloud environment for storing and exchanging data. Otherwise, modern business would cease to operate. After 2020’s global pandemic, many witnessed or experienced remote work as a viable alternative to full-time presence in the office, and as a result, not everyone is in a rush to return employees to their desks. Meanwhile, those who have returned are not always keen to abandon the handy online collaboration tools they had to master last year. But, as ever, new tools come laden with additional risks.

What can go wrong with cloud file sharing?

Cybersecurity professionals tend to regard file storage and sharing tools with suspicion — and understandably so; seeing a legitimate tool weaponized against the company’s information systems is every infosec officer’s nightmare.

Before deploying an online file-sharing platform, consider the possible risks in the light of a single misconception: people’s default assumption that they can trust files downloaded from the corporate environment. An officially approved storage and data exchange platform is quite naturally perceived as part of that very corporate environment. But there are, in fact, several ways in which a malicious file can get inside.

  1. Employee error. Never mind novice employees, even old hands can fall for a cybercriminal’s tricks and upload a malicious file from an e-mail to the corporate cloud. Sometimes an employee may upload such files to shared storage simply looking for a second opinion from colleagues.
  2. Storage misuse. Back when employees worked on the same local network, they often exchanged non-work-related files — freeware, shareware, games, and documents — over internal servers. Old habits die hard, and many continue to use data-exchange platforms for that purpose. A strict ban might seem like a good solution, but putting one in place is more likely to push employees over to outside platforms over which you have no control. With a ban, the threat remains, but not your ability to manage it.
  3. Lateral movement of malware. Cybercriminals who have gained access to an employee’s device can use the cloud platform to amplify an attack by deliberately uploading malware to the cloud.
  4. Workplace revenge. A former employee may attack ex-colleagues or the company as a whole by planting malicious files in the system.

How to minimize cloud storage risks

A potential increase in attack surface is no reason to abandon useful data-storage and -exchange platforms. You simply need to choose a platform that lets you scan uploads for cyberthreats.

We offer the very tool you need: Kaspersky Scan Engine. The solution provides comprehensive protection against malware, Trojans, worms, rootkits, spyware, and adware; and it can scan HTTP traffic and check the reputation of files and URLs. What’s more, several cloud platforms have already integrated their technologies with ours.

ownCloud protection

This summer we partnered up with the file-sharing platform ownCloud, and now we’re pleased to report that Kaspersky Scan Engine can be deployed directly in the ownCloud environment. The integration means you can scan data right in the cloud — no need to send it outside for screening.

The implementation occurs through the open ICAP protocol, so we were able to move the scanning process to a separate server, delivering security without compromising platform performance. In the process, we also simplified setup, maintenance, and scaling.

To learn more about the use of Kaspersky tech in third-party products and services, please visit Kaspersky Scan Engine product page.