Recently, there has been a huge increase in data breaches caused by misconfigured access to and exploited vulnerabilities in cloud storage environments. Cybersecurity companies, like Digital Shadows, DarkMatter, Check Point Software and many others, have released their annual cloud security reports citing how misconfigurations are a growing concern that needs to be addressed immediately. Gartner goes as far as to say that 80% of data breaches will be due to misconfigurations and mismanaged credentials, and 95% of cloud security failures will be the customer’s fault.
This is becoming a common problem. Microsoft, MongoDB, Elasticsearch, Amazon Simple Storage Service (S3) servers, Box and Rubrik have had misconfiguration issues in the past that have exposed the data of thousands of companies. Unsecured Amazon Web Service (AWS) S3 storage buckets are perhaps the most frequently reported on files that are left unsecured, since they allow anyone using a search engine to access, download and, in some cases, even write to an organization’s cloud account.
In this solutions brief we will discover: