Accenture is the most recent in a string of main firms to show delicate cloud information this 12 months, following Verizon, Deloitte, and Dow Jones.
Considered one of many regarding safety developments from 2017 is the unintentional publicity of cloud information by way of misconfigured Easy Storage Service (S3) buckets from Amazon Net Companies. This 12 months has been marked with a number of information leaks from main organizations, most just lately Accenture.
“Whereas this incident could be very unlucky, it is not very stunning,” says RedLock cofounder and CEO Varun Badhwar of the Accenture leak.
Analysis from RedLock CSI (Cloud Safety Intelligence) exhibits 53% of companies utilizing cloud storage companies like AWS S3 have inadvertently uncovered a number of of the service to the general public Web, up from 40% earlier in Might. Researchers additionally discovered 38% of companies have skilled the potential compromise of an administrative account of their public cloud.
The pattern underscores a harmful downside widespread amongst companies of all sizes, in addition to the third events with which they entrust delicate data. Many do not take steps to correctly configure their cloud storage accounts or do not take the time to confirm the safety practices of third-party companies. Consequently, they compromise clients’ information.
“When you can offshore or outsource duties and features, you may by no means outsource the dangers,” stated Chris Pierson, chief safety officer at Viewpost, after the publicity of voter information from the Republican Nationwide Committee (RNC) by way of third-party misconfiguration again in June.
“As such, each firm that offers in delicate or helpful information ought to have an data assurance program that threat charges their distributors, screens them for safety and different elements, and supplies governance to the corporate concerning their third celebration and the chance urge for food set by the corporate.”
Right here, in no specific order, we spherical up ten main AWS leaks from this 12 months, affecting everybody from Chicago voters to US authorities staff with High Secret safety clearance.
Kelly Sheridan is Affiliate Editor at Darkish Studying. She began her profession in enterprise tech journalism at Insurance coverage & Know-how and most just lately reported for InformationWeek, the place she lined Microsoft and enterprise IT. Sheridan earned her BA at Villanova College. View Full Bio