A review of some of the most significant data breaches from the past year reveals that many resulted not because of a hacker having to apply exceptional technical prowess to infiltrate a system but as a consequence of an administrator having left the information sitting on the Internet by mistake. The problem is pervasive, according to Chris Vickery, a researcher at security company UpGuard who tracks database exposures. "It is the ugly elephant in the room that every security professional knows about, but doesn't want to talk about," he said. In many cases, the fault was that of a third-party company, an issue that’s likely to continue, if not grow worse, by companies’ increased transitioning of their information to cloud environments. While there are benefits to such a move, such as lowering costs and raising the quality of service, as with all new technologies there's a learning curve. If your data is exposed in an unsecured database, experts say you have to treat the situation the same way you would if the data had been stolen. Preventing a situation like this oftentimes requires manually sifting through search results from directories of cloud servers and any other device connected to the Internet, a task that many organizations aren’t taking seriously. Read the article at CNET.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!