Data leakage due to misconfigured security protocols in public cloud storage

Not long ago, researchers found 60,000 sensitive government files with the wrong security protocols. It happened due to incorrect classification of those files. The files happened to be stored in Amazon’s S3 Standard storage tier. That incident exhibited the necessity of paying attention to data classification. Cloud backup and storage are necessary solutions for every enterprise and even governments. However, incorrect classification of sensitive data can lead to data leakage.

GPS Vehicle Tracker Data Leaked due to Misconfigured Security Protocols

Recently Forbes revealed that over half a million vehicle tracking devices and their users’ data was exposed. This data leakage was reported by Kromtech’s Chief of Communications Bob Diachenko. He reported that 540,000-plus leaked records consisted of device information such as the tracker’s International Mobile Equipment Identity (IMEI), username/password hash combinations and email addresses associated with the tracker.

The compromised data also consisted of Vehicle information including license plate numbers, Vehicle Identification Numbers (VINs) and where the tracking device was physically installed. There were also 339 log files that contained everything from maintenance records to pictures. All of this data was accessible in Amazon’s S3 Standard bucket, due to the lack of appropriate security protocols.

Even though Amazon’s services are secured using advanced encryption methods, it matters little if the security protocols aren’t properly configured. This leakage can be connected with the public cloud nature of Amazon. This means, if you have sensitive nature of this data; it is better to resort to private cloud infrastructure for cloud based backup.

Data Leakage Challenge Resolved with Private Clouds

Private clouds can be daunting at first, however they have their perks. The recent data leakage incidents would not have happened if this data had been stored in backup appliances and a private cloud. Private clouds are capable of encrypting your data in ways that make them completely untouchable. For instance, StoneFly secures your data before transit, during transit and after transit as well. Therefore, the data is well protected and secured even from ransomware and hackers.

The other benefit of private clouds, such as StoneFly, is the replication and instant failover option. In terms of disaster recovery, this is necessary for enterprises that can’t tolerate any disruption. Besides the continuity, the data is secured from public access simply because it’s a private cloud. Only you have the encrypted keys that can access this data.

Conclusion

Recently, sensitive files have been leaked from public clouds due to misconfigured security protocols. Surely, cloud storage and backup cloud are necessary for enterprises globally. However, despite the advanced encryption methods employed by these companies to secure data; if the sensitive data is classified improperly, these methods are unusable. This makes private clouds a better option in terms of security. That’s because private clouds cannot be accessed in a similar manner to public clouds. An additional benefit to private clouds and on-premise backup infrastructure is that they can provide failover services; hence constituting an efficient backup and disaster recovery solution.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s