The cloud is great, but it’s also dangerous in the wrong hands.
Companies have made a hard push to move databases and apps to the cloud over the last decade, but we’re now beginning to see the potential impact of doing so without a security-first migration or deployment strategy.
Recent data leaks have contained a massive number of records. In some cases, the number of compromised records that researchers have found has outstripped the size of the population in all but a few countries.
At the same time that the cloud is as sought after by businesses as the iPod was by consumers in the early 2000s, a disconcerting trend is emerging: organisations are willingly storing customer, employee and operational data on misconfigured cloud servers, allowing anyone with a bit of know-how to access it.
Don’t blink, you might miss a data leak
There are now more compromised records (7.7 billion) that we know about than there are people in the world (7.5 billion), according to Have I Been Pwned, a data breach registry service.
The security incident that tipped the scales was a data leak that was recently discovered by two security researchers. Analysts found a trove of email records in an unsecured MongoDB database that belonged to Verifications.io, an email marketing company.
Estimates of the leak’s size range from 760 million to over 2 billion compromised records, depending on who you ask. Regardless of what the final total ends up being, the incident represents a major oversight in data security.
But that wasn’t the only data leak in 2019 that could be tied to the cloud. Security researchers at Adversis found an alarming number of sensitive documents in public folders on Box, a cloud-based content management platform.
Analysts used brute-force attacks to guess the file path for a variety of enterprise customers – and found terabytes of Personally Identifiable Information (PII) after just a few days of doing so. Affected companies include Fortune 500 businesses like Apple and Schneider Electric, along with an untold number of small- and medium-sized enterprises.
Some of the data being accessed on misconfigured cloud servers comes from financial institutions that play a key role in the fabric of the global economy. In February 2019, researchers uncovered the records of 2.4 million customers that Dow Jones & Co. had placed on a watchlist and labelled high-risk clients, according to Yahoo! Finance.
The data leak gave analysts information on the world’s most high-profile celebrities, companies and politicians. It was openly available on an Elasticsearch cluster to anyone who knew how to get to it.
Enterprises have to plug the data leak
Ransomware. Cryptojacking. Phishing. Time and time again, these are the threats that businesses are told to actively defend against if they want to keep their data secure.
It’s time to add cloud security to that list. Misconfigured and publicly accessible servers have become a valuable source of customer data and company secrets, yet compromising them takes a fraction of the effort that a malware attack might.
Services like Shodan, a search engine for internet-connected devices, and strategies like brute-force attacks allow even entry-level cybercriminals to find their way to sensitive information. It’ll only become easier for hackers to discover this information moving forward as 84 percent of companies operate multiple clouds, according to RightScale’s State of the Cloud report.
With so many different services and so much information running through the cloud, unsecured data is bound to be stored in it at some point.
Much of the challenge in securing data on the cloud lies in defining who can access it. Authorisation is a simple, yet overlooked aspect of a cloud migration or deployment strategy. Ensuring that only the people in the organisation who need access to the data actually have it – and everyone else doesn’t – can mitigate a surprising amount of risk.
Tools like Dome9 are making cloud security easier for the companies that choose to take advantage of them. CloudGuard Dome9 is a cloud security orchestration platform that enables businesses to streamline the enforcement of best practices for public cloud configurations – no matter how many instances are running. Available for Amazon Web Services, Microsoft Azure and Google Cloud Platform, its array of functionalities allows organisations to prevent data leaks and focus on optimising the cloud itself for better performance.
Cloud readiness and cloud security assessments are pivotal in helping companies maintain a security-first IT mantra, and they’ll only become more valuable as time goes on. Businesses have come to rely on the cloud as a flexible solution to store data; consumers want to rely on organisations being able to secure their information on the cloud.