67% of businesses transfer passwords from on-premises to cloud environments

New research by Silverfort has uncovered that a majority of businesses synchronize on-premises passwords with cloud environments, compromising the security of the cloud setup. This migration of on-premises vulnerabilities to the cloud environment creates a loophole that malicious actors can exploit.

As organizations increasingly transition to cloud environments over the past decade, many have failed to adequately secure these setups. Common security vulnerabilities include misconfigurations, outdated legacy systems, and exploitable features that malicious actors can use to breach the cloud environment.

The researchers at Silverfort identified four distinct categories of Identity Threat Exposures (ITEs) to help security leaders classify, understand, and combat various identity-related threats:

1. Privilege escalators, such as unconstrained delegation and shadow admins, provide malicious actors with avenues to gain additional access privileges.
2. Lateral movers enable malicious actors to move laterally within the system without detection, utilizing accounts like prolific users and service accounts.
3. Password exposers, such as NTLM or NTLMv1 authentication, can expose account passwords to malicious actors.
4. Protection dodgers involve the creation of legitimate user accounts for malicious actors due to mismanaged accounts or human error, including new users, inactive users, and shared accounts.