Just yesterday, I published a new e-Book on AMZN. It is
actually my end of year report, as it will be the last eBook for the year. The topic is on data breaches, and how
filling in the worker shortage gap could help eliminate some of these things
from happening.
The breaches are as usual from the past year, but data
leakages was at the top now, when the previous year it was down towards the
middle.
I have often been asked what a data leakage is, and how you
really define. Well, a data leakage is
just that . . . data is being exfiltrated either intentionally or not, and is
going out somewhere to a point of destination where it should not be going
to. You can easily compare this to a fluid
leak in your car. Obviously, you don’t
want it to leak anything.
What is interesting to note that is that data leakage issues
hardly ever occurred when businesses had their IT and Network infrastructures On
Prem. It only started to make waves once
COVID-19 hit, and all businesses were (and are still) making the rush to the Cloud.
More than likely, the Cloud migration was not properly
planned, or it was not thoroughly tested before the deployment went live.
In this blog, we are going to take a further look as to the
other catalysts of data leakages. Here
we go:
1)
Reliance upon suppliers:
We now live in a world that is
totally interconnected with another, whether we like it or not. Because of this, we are more reliant upon
third party suppliers. Gone are the days
when you could meet any potential partner face to face, everything is now done
via Teams or Zoom. Because of this, the
risks of data being leaked at your outside supplier are now even greater than
ever before. For example, suppose you
outsource your payroll functions to a third-party vendor. You really don’t need to meet face to face,
any meetings can be held digitally. Obviously
you will be sharing private information and data (especially about your employees)
with this processor. You don’t know if
they have all of the controls in place to protect all that data. If they don’t, the chances of data leakage
from happening are far greater now. But
here is the catch that you need to be aware of:
If anything does happen to this payroll processor, you will be
held for any damages caused by the data leakage not, you!!!
2)
Misconfigured buckets:
Whenever you transition from an On
Prem to a Cloud Infrastructure either on the AWS or Microsoft Azure, one of your
first goals is to create a secure storage space in which to store your information
and data in. These are technically known
as “storage buckets”, and in the AWS, this known as the “S3 Bucket”. S3 is an acronym that stands for “Simple
Storage Service.” While it is a great
tool to have and is relatively simple to deploy, many companies fail to
configure their S3 buckets to their own security requirements and instead, rely
upon the default settings that the AWS provides. This has been a huge culprit in the data
leakage issues surrounding these S3 buckets.
Everybody wants to blame Amazon, but the truth of the matter it is you,
the CISO that should take ultimate responsibility to make sure that everything
is configured properly.
3)
Poor source code:
Today, we are seeing source code
being compiled in a way that is totally insecure. For example, software developers often do not
test the modules for any weaknesses or misconfigurations, or it they do, it is
often done at the last minute, and very hastily. Very often, open-source APIs are also used, which
often have not been tested or updated with the latest patches and
upgrades. Because of all of this poor
source code being compiled, a lot of backdoors are now being left open, for which
the Cyberattacker can now penetrate quite easily into, and exfiltrate data from. This is happens quite a bit, but you hardly
hear about in the headlines, because nobody wants to admit it publicly and lose
customers over it.
4)
No encryption being used:
This is essentially where you use a
mathematical algorithm to scramble all of your datasets so that they remain in
a garbled state, and is incomprehensible should it be intercepted by a malicious
third party. The only way that they can
be made decipherable is by unlocking them with a private key. In fact, encryption tools are already available
with the major Cloud Providers, and it should be done automatically. However many businesses are still naïve about
this fact, and still store their datasets in a cleartext format. So once that data is exfiltrated, a
Cyberattacker can do anything that they want with it, even sell it on the Dark
Web.
My Thoughts On This:
If you want a complete laundry list on how to mitigate the
risks of data leakage, a simple Google search will suffice. There, you will find a checklists and frameworks
that you can use. But for purposes of
this blog, here is what would normally be recommended:
*Whether we are in the digital world or not, it is your
responsibility to vet out each potential third party completely and thoroughly
with whom you are considering with. Make
sure that their security policies and protocols that they have put into place
is at least equal to what you have in your own business.
*Before going into production mode, always double check that
your storge bucket settings are configured the way they need to be. Do not rely upon the default settings!!!
*Testing the source code should be a no brainer by now. After all, you are creating a portal for either
your customers or your employees, and you have to make sure that that as far as
possible, that there are no obvious backdoors that are open. Testing of the source code should be done on
a modular basis, so it all does not pile up in the end. In fact, there are many automated tools that
you can use as well to test the validity of the source code that is being
compiled.
Finally, as you migrate to the Cloud, make use of a Cloud
Services Provider (CSP). They can help
you plan the transition from beginning to end, and even help you with the encryption
issues as well.
No comments:
Post a Comment